У меня есть базовое c приложение Springboot, и все конечные точки требуют аутентификации.
Аутентификация выполняется с OAuth2 с использованием IBM App ID Cloud Directory.
После успешной аутентификации я вижу это Идентификатор сеанса единого входа cook ie в браузере:
Name: appId-SSO:xxxxxxxx-131f-4725-xxxx-xxxxxxxxxxxx
Value: eyJraWQiOiJhcHBJZC0zxxxxxxxxxxxxMzFmLTQ3MjUtOWEwMy1lZGRlNDI2MWRiZmYtMjAyMC0wMi0yNFQxNTo0OTozNC4xMjQiLCJ0eXAiOiJKT1NFIiwiYWxnIjoiUlMyNTYifQ.eyJkYXRhIjoiM2NkZmExODUtMTMxZi00NzI1LTlhMDMtZWRkZTQyNjFkYmZmOnROb2lxUmxxx2tnTWpDWnd0UWxvTVVnSktxxxxxxEVIIiwidGVuYW50IjoiM2NkZmExODUtMTMxZi00NzI1LTlhMDMtZWRkZTQyNjFkYmZmxxxiaXNzIjoiYXBwaWQtb2F1dGgubmcuYmx1ZW1peC5uZXQiLCJpYXQiOjE1ODc5OTk2Njc0NjMsImp0aSI6IjM3ZTFiMDBjLTJiZjYtNDExNC1hZjMzLTE0ZDcwNzk4OTZmYSJ9.Jrj4kJhGVmve0H3-B_z5WbiGnzpLZJ9dtl1F6ABS_HIMvhGV1h7jSCR6OfBKoInYNsBOZNmgeNPfQiw2VKtzAc510XDigSTVBhCy6XBQIldLeJYPgy5BFRQzX7ZMgsy_Ma6AqIXg2rTGeC6ywKYKWQLEHMGXW24qE0OkWgu2gCKq8n9MLe7aHHeMDtUzUsC-d4ag_LvQSni-fOSnUSe8d2x-etfVvPl351_rXOMYmo1WQ8itEQRw510aGS39LysJtH49k6WyEiD4WUvKmgVJs-QEkiXw-VFDZ50a5RQWyl4xrr2TMQil9mLIcKxcBclpHKP6at_rtQxxxxxxxxxxxx
Domain: us-south.appid.cloud.ibm.com
Path: /
Expiration: Tue Apr 28 2020 16:01:07 GMT+0100 (Irish Standard Time)
Возможно ли получить это значение из кода приложения Spring?
Текущая конфигурация безопасности ..
SecurityConfiguration.java:
package com.test.security;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
@EnableWebSecurity
@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeRequests()
.antMatchers("/**").authenticated()
.anyRequest()
.authenticated()
.and()
.oauth2Login();
}
}
application.yml
spring:
security:
oauth2:
client:
registration:
client-1:
client-id: xxxxxxxx-bbe8-42af-8749-xxxxxxxxxxxx
client-secret: xxxxxxxxxTUtZmJhYy00ODJjLTkxNWMtMDZmNThxxxxxxxxx
provider: org-appid-provider1
authorization-grant-type: authorization_code
scope:
- email
- openid
- profile
redirect-uri: http://localhost:8080/login/oauth2/code/client-1
provider:
org-appid-provider1:
issuer-uri: https://us-south.appid.cloud.ibm.com/oauth/v4/xxxxxxxx-cab3-438e-b978-xxxxxxxxxxxx
user-info-uri: https://us-south.appid.cloud.ibm.com/oauth/v4/xxxxxxxx-cab3-438e-b978-xxxxxxxxxxxx/userinfo
authorization-uri: https://us-south.appid.cloud.ibm.com/oauth/v4/xxxxxxxx-cab3-438e-b978-xxxxxxxxxxxx/authorization
token-uri: https://us-south.appid.cloud.ibm.com/oauth/v4/xxxxxxxx-cab3-438e-b978-xxxxxxxxxxxx/token
user-info-authentication-method: header
jwk-set-uri: https://us-south.appid.cloud.ibm.com/oauth/v4/xxxxxxxx-cab3-438e-b978-xxxxxxxxxxxx/publickeys
user-name-attribute: name