【问题标题】:Spring Boot 1.3 + OAuth: Authentication request failed: BadCredentialsException: Could not obtain access tokenSpring Boot 1.3 + OAuth:身份验证请求失败:BadCredentialsException:无法获取访问令牌
【发布时间】:2016-07-06 09:27:21
【问题描述】:

我正在尝试使用 WSO2 身份提供程序对 OAuth Spring Boot 1.3 进行身份验证。

问题:身份验证请求失败:org.springframework.security.authentication.BadCredentialsException:无法获取访问令牌

问题:为了获取访问令牌,我的代码/配置中缺少什么。

application.yml

security:
    oauth2:
        client:
            clientId: 6kRDeCMVKjYzH7duL33AFAYX8dka
            clientSecret: USEZhqRyCfF_dIdEIjFolFOkTAoa
            accessTokenUri: https://localhost:9443/oauth2/token
            userAuthorizationUri: https://localhost:9443/oauth2/authorize
            clientAuthenticationScheme: form
        resource:
schema=openid
            userInfoUri: https://localhost:9443/oauth2/userinfo?schema=openid

Application.groovy

@SpringBootApplication
@EnableOAuth2Sso
class Application extends GrailsAutoConfiguration {

    static void main(String[] args) {
        GrailsApp.run(Application, args)
    }

    @Bean public RequestContextListener requestContextListener(){
        return new RequestContextListener();
    }

}

输出:

DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Request '/login' matched by universal pattern '/**'
DEBUG org.springframework.security.web.FilterChainProxy - /login?code=4ccb21df259c452e187421d46b984cf3&state=ioU1XC at position 1 of 12 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
DEBUG org.springframework.security.web.FilterChainProxy - /login?code=4ccb21df259c452e187421d46b984cf3&state=ioU1XC at position 2 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@67c3c622. A new one will be created.
DEBUG org.springframework.security.web.FilterChainProxy - /login?code=4ccb21df259c452e187421d46b984cf3&state=ioU1XC at position 3 of 12 in additional filter chain; firing Filter: 'HeaderWriterFilter'
DEBUG org.springframework.security.web.header.writers.HstsHeaderWriter - Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@681bd9a9
DEBUG org.springframework.security.web.FilterChainProxy - /login?code=4ccb21df259c452e187421d46b984cf3&state=ioU1XC at position 4 of 12 in additional filter chain; firing Filter: 'CsrfFilter'
DEBUG org.springframework.security.web.FilterChainProxy - /login?code=4ccb21df259c452e187421d46b984cf3&state=ioU1XC at position 5 of 12 in additional filter chain; firing Filter: 'LogoutFilter'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Request 'GET /login' doesn't match 'POST /logout
DEBUG org.springframework.security.web.FilterChainProxy - /login?code=4ccb21df259c452e187421d46b984cf3&state=ioU1XC at position 6 of 12 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/login'; against '/login'
DEBUG org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter - Request is to process authentication
DEBUG org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter - Authentication request failed: org.springframework.security.authentication.BadCredentialsException: Could not obtain access token
DEBUG org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter - Updated SecurityContextHolder to contain null Authentication
DEBUG org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter - Delegating to authentication failure handler org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler@1ed9d99c
DEBUG org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler - No failure URL set, sending 401 Unauthorized error
DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
DEBUG org.springframework.security.web.context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed

【问题讨论】:

    标签: spring grails oauth


    【解决方案1】:

    我发现了问题。

    问题:由于我在开发模式下使用 WSO2 身份服务器,带有自签名证书,Java 不信任它。并且,在对 WSO2 端点的某些 HTTP 请求中,连接因此无效证书而失败。

    临时解决方案:在您的开发模式中关闭 SSL 检查。

    解决方案:在生产环境中,请确保您的 WSO2 Identity Server 具有有效的证书。

    【讨论】:

    • 您使用了哪些插件进行 oAuth?
    猜你喜欢
    • 2018-09-07
    • 1970-01-01
    • 1970-01-01
    • 2015-05-10
    • 1970-01-01
    • 2017-07-03
    • 2014-03-21
    • 2014-08-17
    • 2011-06-22
    相关资源
    最近更新 更多