【问题标题】:Spring Boot UserRedirectRequiredException- A redirect is required to get the users approvalSpring Boot UserRedirectRequiredException - 需要重定向才能获得用户的批准
【发布时间】:2018-10-08 22:22:20
【问题描述】:

我正在学习 OAUTH2 实现

当我点击我的客户端 http://localhost:8082/ui - UI 的 REST 端点,在登录到身份验证服务器 http://localhost:8081/auth/login 后,它将带我到安全的 URI http://localhost:8082/secure。 但它在http://localhost:8082/ui/login 失败并给我错误

org.springframework.security.oauth2.client.resource.UserRedirectRequiredException: 需要重定向才能获得用户的批准

我的客户端配置是

OauthConfig.java

@EnableOAuth2Sso
@Configuration
public class OauthConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // TODO Auto-generated method stub
        http.antMatcher("/**").
        authorizeRequests().antMatchers("/","/login**").permitAll().anyRequest().authenticated();
         /*http    
         .authorizeRequests().anyRequest().authenticated();*/
    }
}

和 webconfig.java

@SuppressWarnings("deprecation")
@EnableWebMvc
@Configuration
public class WebConfig extends WebMvcConfigurerAdapter {

    @Override
    public void configureDefaultServletHandling(DefaultServletHandlerConfigurer configurer) {
        // TODO Auto-generated method stub
         configurer.enable();
    }

    @Override
    public void addViewControllers(ViewControllerRegistry registry) {
        // TODO Auto-generated method stub
        super.addViewControllers(registry);
        registry.addViewController("/").setViewName("forward:/index");
        registry.addViewController("/index");
        registry.addViewController("/secure");
    }

    @Override
    public void addResourceHandlers(ResourceHandlerRegistry registry) {
        // TODO Auto-generated method stub
        registry.addResourceHandler("/resources/**").addResourceLocations("/resources/");
    }

    @Bean
    public  static PropertySourcesPlaceholderConfigurer placeHolderConfigurer()
    {
        return new PropertySourcesPlaceholderConfigurer();
    }

    @Bean
    public RequestContextListener contextlist() 
    {
        return new RequestContextListener();
    }

    @Bean
    public static PropertySourcesPlaceholderConfigurer placeholderConfigurer() {
        return new PropertySourcesPlaceholderConfigurer();
    }

}

我的 application.yml 是

 server:
  port: 8082
  servlet:
    context-path: /ui
  session: 
    cookieName: UISESSION





 spring: 
  thymeleaf:
    cache: false
  oauth2:
    client:

      client-id: ClientId
      clientSecret: secret
      accessTokenUri: http://localhost:8081/auth/oauth/token
      userAuthorizationUri: http://localhost:8081/auth/oauth/authorize


    clientAuthenticationScheme: form



    resource: 
      userInfoUri: http://localhost:8081/auth/rest/hello/principal
      preferTokenInfo: false

我需要为此编写自定义 oauth2ClientContextFilter 吗?我已经在 pom.xml 中添加了 spring-security-oauth2。任何帮助将不胜感激。

【问题讨论】:

    标签: mysql spring-boot oauth-2.0


    【解决方案1】:

    我有类似的经历,通过@EnableOAuth2Client交换@EnableOAuth2Sso解决了。

    似乎@EnableOAuth2Sso 注释向springSecurityFilterChain 添加了一个额外的安全链过滤器OAuth2ClientAuthenticationProcessingFilter,这会抛出UserRedirectRequiredException

    【讨论】:

      【解决方案2】:

      更新 SecurityContextHolder

      SecurityContextHolder.setStrategyName(SecurityContextHolder.MODE_INHERITABLETHREADLOCAL);

      【讨论】:

        猜你喜欢
        • 2019-01-01
        • 2013-12-21
        • 1970-01-01
        • 1970-01-01
        • 2019-12-15
        • 2017-05-23
        • 1970-01-01
        • 2021-08-28
        • 1970-01-01
        相关资源
        最近更新 更多