【问题标题】:Response for preflight has invalid HTTP status code 401 for oauth/token对于 oauth/token 的预检响应具有无效的 HTTP 状态代码 401
【发布时间】:2017-11-22 19:40:42
【问题描述】:

我已经在spring boot中实现了CORS过滤器。代码如下:-

@SpringBootApplication
@Component
public class Application implements Filter {
public static void main(String[] args) {
    SpringApplication.run(Application.class, args);
}

@Override
public void init(FilterConfig filterConfig) throws ServletException {

}

@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) servletRequest;
    HttpServletResponse response = (HttpServletResponse) servletResponse;

    response.setHeader("Access-Control-Allow-Origin", "*");
    response.setHeader("Access-Control-Allow-Credentials", "true");
    response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
    response.setHeader("Access-Control-Max-Age", "3600");
    response.setHeader("Access-Control-Allow-Headers", "Content-Type, Accept, X-Requested-With, remember-me");

    filterChain.doFilter(servletRequest, servletResponse);
}

@Override
public void destroy() {

}
}

为了从 oauth2 获取 access_token,我从 angularjs 创建了以下对象:-

 {"url":"http://localhost:8080/oauth/token?grant_type=client_credentials&client_id=clientId&client_secret=clientSecret","headers":{"Authorization":"Basic token_value"},"withCredentials":true,"method":"POST"}

当我访问服务器时出现以下错误:-

OPTIONS url... 401() Response for preflight has invalid HTTP status code 401

我已经在堆栈溢出中寻找类似问题的解决方案,但没有一个能解决我的问题。有人可以帮忙吗?

【问题讨论】:

标签: java angularjs spring spring-boot oauth-2.0


【解决方案1】:

请阅读更多关于Preflight requests的信息。

如果服务器支持跨域请求,他们只是建议浏览器。对此类OPTIONS 请求的响应应该很好(即

我认为语句filterChain.doFilter(servletRequest, servletResponse); 是进一步传递请求,而不是返回响应。

您可以在此处阅读有关在 Java 中使用 Spring 启用 CORS 的更多信息Enable CORS for OPTIONS request using Spring Framework

【讨论】:

    【解决方案2】:

    以下代码解决了我的问题

    @Bean
    public FilterRegistrationBean corsFilter() {
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        CorsConfiguration config = new CorsConfiguration();
        config.setAllowCredentials(true);
        config.addAllowedOrigin("*");
        config.addAllowedHeader("*");
        config.addAllowedMethod("*");
        source.registerCorsConfiguration("/**", config);
        FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
        bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
        return bean;
    }
    

    代码示例取自https://github.com/spring-projects/spring-security-oauth/issues/938

    【讨论】:

      猜你喜欢
      • 2018-09-10
      • 2017-03-15
      • 2018-04-05
      • 2018-07-01
      • 2017-07-02
      • 2023-04-10
      • 2018-10-02
      • 2018-06-17
      • 2016-11-14
      相关资源
      最近更新 更多