GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Spring Security
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
19914 Commits
61 Branches
359 Tags
120 MiB
 
 
 
 
Branch: main
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'main'
${ noResults }
spring-security/docs/modules/ROOT/pages/features/integrations/rest/http-service-client.adoc

73 lines
5.2 KiB
Raw Permalink Blame History

= HTTP Service Clients Integration
Spring Security's OAuth Support can integrate with `RestClient` and `WebClient` {spring-framework-reference-url}integration/rest-clients.html#rest-http-service-client[HTTP Service Clients].
[[configuration]]
== Configuration
After xref:features/integrations/rest/http-service-client.adoc#configuration-restclient[RestClient] or xref:features/integrations/rest/http-service-client.adoc#configuration-webclient[WebClient] specific configuration, usage of xref:features/integrations/rest/http-service-client.adoc[] only requires adding a xref:features/integrations/rest/http-service-client.adoc#client-registration-id[`@ClientRegistrationId`] to methods that require OAuth or their declaring HTTP interface.
Since the presence of xref:features/integrations/rest/http-service-client.adoc#client-registration-id[`@ClientRegistrationId`] determines if and how the OAuth token will be resolved, it is safe to add Spring Security's OAuth support any configuration.
[[configuration-restclient]]
=== RestClient Configuration
Spring Security's OAuth Support can integrate with {spring-framework-reference-url}integration/rest-clients.html#rest-http-service-client[HTTP Service Clients] backed by `RestClient`.
The first step is to xref:servlet/oauth2/client/core.adoc#oauth2Client-authorized-manager-provider[create an `OAuthAuthorizedClientManager` Bean].
Next you must configure `HttpServiceProxyFactory` and `RestClient` to be aware of xref:./http-service-client.adoc#client-registration-id[@ClientRegistrationId]
To simplify this configuration, use javadoc:org.springframework.security.oauth2.client.web.client.support.OAuth2RestClientHttpServiceGroupConfigurer[].
include-code::./RestClientHttpInterfaceIntegrationConfiguration[tag=config,indent=0]
The configuration:
- Adds xref:features/integrations/rest/http-service-client.adoc#client-registration-id-processor[`ClientRegistrationIdProcessor`] to {spring-framework-reference-url}integration/rest-clients.html#rest-http-service-client[`HttpServiceProxyFactory`]
- Adds xref:servlet/oauth2/client/authorized-clients.adoc#oauth2-client-rest-client[`OAuth2ClientHttpRequestInterceptor`] to the `RestClient`
[[configuration-webclient]]
=== WebClient Configuration
Spring Security's OAuth Support can integrate with {spring-framework-reference-url}integration/rest-clients.html#rest-http-service-client[HTTP Service Clients] backed by `WebClient`.
The first step is to xref:reactive/oauth2/client/core.adoc#oauth2Client-authorized-manager-provider[create an `ReactiveOAuthAuthorizedClientManager` Bean].
Next you must configure `HttpServiceProxyFactory` and `WebRestClient` to be aware of xref:./http-service-client.adoc#client-registration-id[@ClientRegistrationId]
To simplify this configuration, use javadoc:org.springframework.security.oauth2.client.web.reactive.function.client.support.OAuth2WebClientHttpServiceGroupConfigurer[].
include-code::./ServerWebClientHttpInterfaceIntegrationConfiguration[tag=config,indent=0]
The configuration:
- Adds xref:features/integrations/rest/http-service-client.adoc#client-registration-id-processor[`ClientRegistrationIdProcessor`] to {spring-framework-reference-url}/integration/rest-clients.html#rest-http-service-client[`HttpServiceProxyFactory`]
- Adds xref:reactive/oauth2/client/authorized-clients.adoc#oauth2-client-web-client[`ServerOAuth2AuthorizedClientExchangeFilterFunction`] to the `WebClient`
[[client-registration-id]]
== @ClientRegistrationId
You can add the javadoc:org.springframework.security.oauth2.client.annotation.ClientRegistrationId[] on the HTTP Service to specify which javadoc:org.springframework.security.oauth2.client.registration.ClientRegistration[] to use.
include-code::./UserService[tag=getAuthenticatedUser]
The xref:features/integrations/rest/http-service-client.adoc#client-registration-id[`@ClientRegistrationId`] will be processed by xref:features/integrations/rest/http-service-client.adoc#client-registration-id-processor[`ClientRegistrationIdProcessor`]
[[type]]
=== Type Level Declarations
`@ClientRegistrationId` can also be added at the type level to avoid repeating the declaration on every method.
include-code::./UserService[tag=type]
[[client-registration-id-processor]]
== `ClientRegistrationIdProcessor`
The xref:features/integrations/rest/http-service-client.adoc#configuration[configured] javadoc:org.springframework.security.oauth2.client.web.client.ClientRegistrationIdProcessor[] will:
- Automatically invoke javadoc:org.springframework.security.oauth2.client.web.ClientAttributes#clientRegistrationId(java.lang.String)[] for each xref:features/integrations/rest/http-service-client.adoc#client-registration-id[`@ClientRegistrationId`].
- This adds the javadoc:org.springframework.security.oauth2.client.registration.ClientRegistration#getId()[] to the attributes
The `id` is then processed by:
- `OAuth2ClientHttpRequestInterceptor` for xref:servlet/oauth2/client/authorized-clients.adoc#oauth2-client-rest-client[RestClient Integration]
- xref:servlet/oauth2/client/authorized-clients.adoc#oauth2-client-web-client[`ServletOAuth2AuthorizedClientExchangeFilterFunction`] (servlets) or xref:servlet/oauth2/client/authorized-clients.adoc#oauth2-client-web-client[`ServerOAuth2AuthorizedClientExchangeFilterFunction`] (reactive environments) for `WebClient`.