- Create a custom InMemoryOAuth2AuthorizationRequestRepository and configure it according to the document
- Expected to use InMemoryOAuth2AuthorizationRequestRepository, but actually used HttpSessionOAuth2AuthorizationRequestRepository
tip:
Because springboot is provided as a backend API for Vue to use, So the following code was used.
http
.csrf().disable()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
Also, Can I provide InMemoryOAuth2AuthorizationRequestRepository for spring security? I have One more question ,
http.requestMatchers("/a")).permitAll()
if interface a throw Exception responseHeader have a Location http://127.0.0.1:8080/login . Is it expected behavior? Alternatively, it is also a bug
- github repository https://github.com/BingChunMoLi/security_oauth_demo
Comment From: jzheaux
Thanks for getting in touch, @BingChunMoLi! It feels like this is a question that would be better suited to Stack Overflow. We prefer to use GitHub issues only for bugs and enhancements. Feel free to update this issue with a link to the re-posted question (so that other people can find it) or add more detail if you feel this is a genuine bug.