【发布时间】:2018-10-08 22:22:20
【问题描述】:
我正在学习 OAUTH2 实现
当我点击我的客户端 http://localhost:8082/ui - UI 的 REST 端点,在登录到身份验证服务器 http://localhost:8081/auth/login 后,它将带我到安全的 URI http://localhost:8082/secure。 但它在http://localhost:8082/ui/login 失败并给我错误
org.springframework.security.oauth2.client.resource.UserRedirectRequiredException: 需要重定向才能获得用户的批准
我的客户端配置是
OauthConfig.java
@EnableOAuth2Sso
@Configuration
public class OauthConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
// TODO Auto-generated method stub
http.antMatcher("/**").
authorizeRequests().antMatchers("/","/login**").permitAll().anyRequest().authenticated();
/*http
.authorizeRequests().anyRequest().authenticated();*/
}
}
和 webconfig.java
@SuppressWarnings("deprecation")
@EnableWebMvc
@Configuration
public class WebConfig extends WebMvcConfigurerAdapter {
@Override
public void configureDefaultServletHandling(DefaultServletHandlerConfigurer configurer) {
// TODO Auto-generated method stub
configurer.enable();
}
@Override
public void addViewControllers(ViewControllerRegistry registry) {
// TODO Auto-generated method stub
super.addViewControllers(registry);
registry.addViewController("/").setViewName("forward:/index");
registry.addViewController("/index");
registry.addViewController("/secure");
}
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
// TODO Auto-generated method stub
registry.addResourceHandler("/resources/**").addResourceLocations("/resources/");
}
@Bean
public static PropertySourcesPlaceholderConfigurer placeHolderConfigurer()
{
return new PropertySourcesPlaceholderConfigurer();
}
@Bean
public RequestContextListener contextlist()
{
return new RequestContextListener();
}
@Bean
public static PropertySourcesPlaceholderConfigurer placeholderConfigurer() {
return new PropertySourcesPlaceholderConfigurer();
}
}
我的 application.yml 是
server:
port: 8082
servlet:
context-path: /ui
session:
cookieName: UISESSION
spring:
thymeleaf:
cache: false
oauth2:
client:
client-id: ClientId
clientSecret: secret
accessTokenUri: http://localhost:8081/auth/oauth/token
userAuthorizationUri: http://localhost:8081/auth/oauth/authorize
clientAuthenticationScheme: form
resource:
userInfoUri: http://localhost:8081/auth/rest/hello/principal
preferTokenInfo: false
我需要为此编写自定义 oauth2ClientContextFilter 吗?我已经在 pom.xml 中添加了 spring-security-oauth2。任何帮助将不胜感激。
【问题讨论】:
标签: mysql spring-boot oauth-2.0