Merge branch '6.1.x'

This commit is contained in:
Steve Riesenberg 2023-11-09 14:13:00 -06:00
commit 67d3e4c9b8
No known key found for this signature in database
GPG Key ID: 5F311AB48A55D521
1 changed files with 57 additions and 0 deletions

View File

@ -201,6 +201,63 @@ fun index(): String {
======
<1> `clientRegistrationId()` is a `static` method in `ServletOAuth2AuthorizedClientExchangeFilterFunction`.
The following code shows how to set an `Authentication` as a request attribute:
[tabs]
======
Java::
+
[source,java,role="primary"]
----
@GetMapping("/")
public String index() {
String resourceUri = ...
Authentication anonymousAuthentication = new AnonymousAuthenticationToken(
"anonymous", "anonymousUser", AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS"));
String body = webClient
.get()
.uri(resourceUri)
.attributes(authentication(anonymousAuthentication)) <1>
.retrieve()
.bodyToMono(String.class)
.block();
...
return "index";
}
----
Kotlin::
+
[source,kotlin,role="secondary"]
----
@GetMapping("/")
fun index(): String {
val resourceUri: String = ...
val anonymousAuthentication: Authentication = AnonymousAuthenticationToken(
"anonymous", "anonymousUser", AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS"))
val body: String = webClient
.get()
.uri(resourceUri)
.attributes(authentication(anonymousAuthentication)) <1>
.retrieve()
.bodyToMono()
.block()
...
return "index"
}
----
======
<1> `authentication()` is a `static` method in `ServletOAuth2AuthorizedClientExchangeFilterFunction`.
[WARNING]
It is recommended to be cautious with this feature since all HTTP requests will receive an access token bound to the provided principal.
=== Defaulting the Authorized Client