我想从谷歌用户那里获得邮箱地址.为此,我使用以下依赖项:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-client</artifactId>
<version>3.0.4</version>
</dependency>
登录后,用户被重定向至此控制器:
@Controller
public class OAuthController {
@GetMapping("/google")
public ResponseEntity<String> google() {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication instanceof OAuth2AuthenticationToken) {
OAuth2User user = (OAuth2User) authentication.getPrincipal();
String email = user.getAttribute("email");
System.out.println(email);
} else {
System.out.println("No Email");
}
return ResponseEntity.ok("Hello");
}
然而,我总是进入Else-语句.这是authentication
的回归:
这是我的安全配置:
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.csrf().disable();
http.sessionManagement().sessionAuthenticationStrategy(sessionAuthenticationStrategy());
http.authorizeHttpRequests(auth ->
auth
.requestMatchers("/api/welcome").authenticated()
.anyRequest().permitAll()
);
http.httpBasic();
http.logout().permitAll();
http.addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class);
http.oauth2Login(Customizer.withDefaults());
return http.build();
}
在Google Cloud的OAuth consent screen中,我添加了我的邮箱地址作为测试用户,并添加了作用域.../auth/userinfo.email和.../auth/userinfo.profile.我的应用程序.yml如下所示:
spring:
security:
oauth2:
client:
registration:
google:
client-id: <my-client-id>
client-secret: <my-client-secret>
redirect-uri: http://localhost:8080/google
scope:
- email
- profile
在登录时,谷歌会突出显示邮箱地址将被共享.请参见:
那么为什么我看不到邮箱地址呢?