Where Spring Security OAuth2 stores the access token
Spring Security OAuth2 authentication sequence.
1. When you try to log in at https://localhost:8443/login, Spring Security's `anyRequest().authenticated()` rule determines that authentication is required, and a 302 response comes back.
Status Code : 302
Location: https://www.facebook.com/dialog/oauth?client_id=394182450695217&redirect_uri=https://localhost:8443/login&response_type=code&state=X6kWlA
The corresponding server log:
2019-04-11 15:17:37.327 DEBUG 52044 --- [nio-8443-exec-6] o.s.security.web.FilterChainProxy : /login at position 2 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2019-04-11 15:17:37.327 DEBUG 52044 --- [nio-8443-exec-6] w.c.HttpSessionSecurityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
2019-04-11 15:17:37.327 DEBUG 52044 --- [nio-8443-exec-6] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@16504e11. A new one will be created.
2019-04-11 15:17:37.327 DEBUG 52044 --- [nio-8443-exec-6] o.s.security.web.FilterChainProxy : /login at position 6 of 12 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
2019-04-11 15:17:37.327 DEBUG 52044 --- [nio-8443-exec-6] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/login'
2019-04-11 15:17:37.327 DEBUG 52044 --- [nio-8443-exec-6] uth2ClientAuthenticationProcessingFilter : Request is to process authentication
2019-04-11 15:17:37.329 DEBUG 52044 --- [nio-8443-exec-6] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2019-04-11 15:17:37.329 DEBUG 52044 --- [nio-8443-exec-6] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
2019-04-11 15:17:37.329 DEBUG 52044 --- [nio-8443-exec-6] o.s.s.web.DefaultRedirectStrategy : Redirecting to 'https://www.facebook.com/dialog/oauth?client_id=394182450695217&redirect_uri=https://localhost:8443/login&response_type=code&state=X6kWlA'
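2. That link in turn issues another 302 redirect in order to request the Facebook login.
https://www.facebook.com/login.php?skip_api_login .. At this point the cancel_url and redirect_url parameters are additionally appended. If the login there succeeds, https://www.facebook.com/dialog/oauth is called once more, and the code value is received along with a 302 response.
That value is then used in a call to obtain the access token. -> At https://git.io/fjqur the access token is obtained using OAuth2RestTemplate, and at https://git.io/fjquP it is stored in the context.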
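
The redirect in step 1 and the callback in step 2 can be checked on the client side before the code is exchanged for a token. The following is an added example, not code from this post or from Spring Security OAuth2: the function names are hypothetical, the `Location` value is the one logged above, and the callback URL used with it is constructed.

```python
import hmac
from urllib.parse import urlsplit, parse_qs

# Location header from step 1 of the post (values exactly as logged there).
AUTHORIZE_REDIRECT = (
    "https://www.facebook.com/dialog/oauth?client_id=394182450695217"
    "&redirect_uri=https://localhost:8443/login&response_type=code&state=X6kWlA"
)

def _query(url):
    """Return (split URL, first value of each query parameter)."""
    parts = urlsplit(url)
    return parts, {k: v[0] for k, v in parse_qs(parts.query).items()}

def parse_authorize_redirect(location):
    """Extract the parameters the client must remember and list weak settings."""
    parts, q = _query(location)
    problems = []
    if parts.scheme != "https":
        problems.append("authorization endpoint is not https")
    if q.get("response_type") != "code":
        problems.append("response_type is not 'code'")
    if not q.get("state"):
        problems.append("state parameter missing")
    if urlsplit(q.get("redirect_uri", "")).scheme != "https":
        problems.append("redirect_uri is not https")
    return q, problems

def check_callback(callback_url, expected_state, expected_redirect_uri):
    """Validate the step 2 callback; return the code only if every check passes."""
    parts, q = _query(callback_url)
    if f"{parts.scheme}://{parts.netloc}{parts.path}" != expected_redirect_uri:
        raise ValueError("callback does not match the redirect_uri that was sent")
    if "error" in q:
        raise ValueError("provider returned error: " + q["error"])
    # Constant-time comparison of the state remembered from step 1.
    if not hmac.compare_digest(q.get("state", "").encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback was not started by this session")
    if not q.get("code"):
        raise ValueError("authorization code missing")
    return q["code"]

if __name__ == "__main__":
    params, issues = parse_authorize_redirect(AUTHORIZE_REDIRECT)
    print(params["state"], issues)
    # Constructed callback: the code value is a placeholder, not a real code.
    cb = "https://localhost:8443/login?code=CONSTRUCTED_CODE&state=" + params["state"]
    print(check_callback(cb, params["state"], params["redirect_uri"]))
```

The state value must be kept per session alongside the redirect, because a callback whose state does not match has to be rejected before any token request is made.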