我有以下成功处理程序,它是 WebSecurityConfig.java 文件的一部分:
.successHandler(new AuthenticationSuccessHandler() {
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
Authentication authentication) throws IOException, ServletException {
CustomOAuth2User oauthUser = (CustomOAuth2User) authentication.getPrincipal();
userAuthService.processOAuthPostLogin(oauthUser.getEmail());
response.sendRedirect("/list");
}
})
在应该进行强制转换的那一行,它给出了错误:
java.lang.ClassCastException: class org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser cannot be cast to class com.myapp.myapp.mvc.business.domain.user.CustomOAuth2User
我该如何解决这个问题?
CustomOAuth2User类如下:
public class CustomOAuth2User implements OAuth2User {
private OAuth2User oauth2User;
public CustomOAuth2User(OAuth2User oauth2User) {
this.oauth2User = oauth2User;
}
@Override
public Map<String, Object> getAttributes() {
return oauth2User.getAttributes();
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return oauth2User.getAuthorities();
}
@Override
public String getName() {
return oauth2User.getAttribute("name");
}
public String getEmail() {
return oauth2User.<String>getAttribute("email");
}
}
最佳答案
您收到此错误是因为您没有在应用程序中明确定义范围,并且默认情况下范围还包括 openId。
如果您在 application.properties 中定义您的范围,如下所示,您可以将主体转换为 CustomOAuth2User 。
spring.security.oauth2.client.registration.google.scope=email,profile
如果您希望在您的范围中包含 openId,那么您需要将您的主体转换为 DefaultOidcUser 并且您可以创建一个 CustomOidcUserService 服务,如下所示
@Service
public class CustomOidcUserService extends OidcUserService {
@Autowired private UserRepository userRepository;
@Autowired private RoleRepository roleRepository;
@Override
public OidcUser loadUser(OidcUserRequest userRequest) throws OAuth2AuthenticationException {
final OidcUser oidcUser = super.loadUser(userRequest);
return oidcUser;
}
关于java - DefaultOidcUser 不能转换为类 CustomOAuth2User,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/68105980/