【问题标题】:Springframework "A redirect is required to get the users approval"Springframework“需要重定向才能获得用户的批准”
【发布时间】:2013-12-21 00:00:48
【问题描述】:

我的 Spring Web 应用程序有问题。我想使用 webapp 访问 google(日历)api,因此我必须对 api 进行身份验证并授予对日历的访问权限。

但实际的问题是我收到了错误org.springframework.security.oauth2.client.resource.UserRedirectRequiredException: A redirect is required to get the users approval

web.xml

<context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>/WEB-INF/spring/root-context.xml, /WEB-INF/spring-security.xml</param-value>
    </context-param>
    <servlet>
        <servlet-name>appServlet</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <init-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>/WEB-INF/spring/appServlet/servlet-context.xml, /WEB-INF/spring-security.xml</param-value>
        </init-param>
        <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet-mapping>
        <servlet-name>appServlet</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>

spring-security.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:context="http://www.springframework.org/schema/context"
    xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
    xsi:schemaLocation="http://www.springframework.org/schema/beans 
        http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
        http://www.springframework.org/schema/security 
        http://www.springframework.org/schema/security/spring-security-3.1.xsd
        http://www.springframework.org/schema/context
        http://www.springframework.org/schema/context/spring-context-3.1.xsd
        http://www.springframework.org/schema/security/oauth2 
        http://www.springframework.org/schema/security/spring-security-oauth2-1.0.xsd">

    <oauth:client id="oauth2AuthenticationClientFilter" />

    <oauth:resource id="oauth-resource"
        client-authentication-scheme="form" type="authorization_code"
        access-token-uri="https://accounts.google.com/o/oauth2/token"
        user-authorization-uri="https://accounts.google.com/o/oauth2/auth"
        client-id="CLIENT-ID"
        client-secret="CLIENT-SECRET" scope="https://www.googleapis.com/auth/calendar"
        pre-established-redirect-uri="http://localhost:8080/" />

    <oauth:rest-template id="oauth-rest-template"
        resource="oauth-resource" />
</beans:beans>

控制器

    @Autowired
@Qualifier("oauth-rest-template")
private OAuth2RestTemplate oauth2RestTemplate;


/**
 * Simply selects the home view to render by returning its name.
 * @throws Exception 
 */
@RequestMapping(value = "/test", method = RequestMethod.GET)
public String home(Locale locale, Model model) throws Exception {


    String dataUri = "https://www.googleapis.com/calendar/v3/calendars/sebastian.heckmann%40googlemail.com";

    Calendar result = oauth2RestTemplate.getForObject(dataUri, Calendar.class);

// ... 

return "home";
}

如果您需要更多代码,请告诉我。我是 Spring 新手(安全)

【问题讨论】:

    标签: spring oauth-2.0 google-api-java-client


    【解决方案1】:

    我相信您正在使用 Spring Security,并且必须在您的 web.xml 中定义了 DelegatingFilterProxy 过滤器。

    您的代码 sn-p 没有描述安全配置,您需要执行以下操作才能使其正常工作:-

    1. 在您的 标签中,定义自定义过滤器:-

    2. 将监听器添加到 web.xml

      org.springframework.web.context.request.RequestContextListener

    【讨论】:

      猜你喜欢
      • 2018-10-08
      • 2019-01-01
      • 1970-01-01
      • 1970-01-01
      • 2019-12-15
      • 2017-05-23
      • 1970-01-01
      • 2021-08-28
      • 1970-01-01
      相关资源
      最近更新 更多