# kduck-modules

**Repository Path**: lhg317/kduck-modules

## Basic Information

- **Project Name**: kduck-modules
- **Description**: kduck的演示项目
- **Primary Language**: Unknown
- **License**: Not specified
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 0
- **Forks**: 0
- **Created**: 2022-09-03
- **Last Updated**: 2025-11-03

## Categories & Tags

**Categories**: Uncategorized

**Tags**: None

## README

oauth需要调整的地方：

  - pom依赖加入：
```xml
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-oauth2-client</artifactId>
    <version>2.7.0</version>
</dependency>
```
- application.yml
```yaml
spring:
  security:
    oauth2:
      client:
        registration:
          messaging-client-oidc:
            provider: spring
            client-id: messaging-client
            client-secret: secret
            authorization-grant-type: authorization_code
            redirect-uri: "http://127.0.0.1:8081/login/oauth2/code/{registrationId}"
            scope: openid
            client-name: messaging-client-oidc
        provider:
          spring:
            issuer-uri: http://localhost:9090
kduck:
  security:
    oauth2:
      client:
        provider:
          userInfoUri: http://127.0.0.1:9090/authUserInfo
```
- 加入SpringBoot配置客户端类：
```java
@Configuration
public class ClientConfig implements HttpSecurityConfigurer {

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
                .oauth2Login(oauth2Login ->
                        oauth2Login.loginPage("/oauth2/authorization/messaging-client-oidc"))
                .oauth2Client(withDefaults());
    }
}
```

- 需要将kduck.security.loginPage定义的首页去除，并建议取消对该地址的免过滤配置

- 为避免用户属性被本地UserExtInfo接口实现类覆盖，建议进行修正，或者弃用

- 需要处理下cn.kduck.webapp.security.CustomRoleAccessVoter类的getRoleCodes方法，
由于登录用户的角色编码oauth2未提供，因此需要自行查询并返回（自己考虑缓存情况）

另：已对登录页面自动面过滤的设置去掉，如需要面过滤需要配置到免过滤列表中

补充客户端sope增加profile