【发布时间】:2017-08-10 20:45:45
【问题描述】:
我有 3 台服务器正在运行,UI(或客户端)、资源服务器和身份验证服务器。除了从资源服务器向客户端获取信息外,一切都运行良好。如果我使用邮递员或任何其他休息服务程序,我会从身份验证服务器获取令牌,然后使用令牌从研究服务器获取信息。现在我去我的客户端服务器,如果我没有通过身份验证,我会被重定向到我登录的授权服务器,它会让我回到客户端服务器,它应该显示一个简单的行,如:
灯不亮
但我只收到 404 null 错误,这应该意味着它没有通过请求获得令牌。
在我的资源服务器中是一个简单的行:
{"lights":"灯不亮"}
对于如何从资源服务器获取带有令牌的信息的任何帮助表示赞赏。
我的资源服务器代码:
LightBoot.java
@RestController public class LightsBoot {
private static final String lights = "lights are %s";
@RequestMapping(value = "/lights")
public Lights greeting(@RequestParam(value = "name", defaultValue = "off") String name) {
return new Lights(String.format(lights, name));
} }
和我的客户代码:
@SpringBootApplication public class ClientApplication {
public static void main(String[] args) {
SpringApplication.run(ClientApplication.class, args);
}
@Bean
OAuth2RestTemplate oAuth2RestTemplate(OAuth2ClientContext clientContext, OAuth2ProtectedResourceDetails details) {
return new OAuth2RestTemplate(details, clientContext);
}
@Bean
public RestTemplate restTemplate() {
return new RestTemplate();
} }
@RestController public class NewController {
private RestTemplate restTemplate;
@Value("${endpoint.lights}")
private String lights;
@Autowired
public NewController(RestTemplate restTemplate) {
this.restTemplate = restTemplate;
}
public GetLights newLight() {
return restTemplate.getForObject(lights, GetLights.class);
}
@RequestMapping(value = "/")
public String lights() {
return newLight() + " <--- here should be value of lights";
}
}
客户端属性如下:
auth-server: http://localhost:8081/authserver
resource-server: http://localhost:8082/resource
endpoint:
lights: http://localhost:8082/resource/lights
server:
port: 8080
security:
basic:
enabled: false
oauth2:
client:
client-id: user
client-secret: user-secret
access-token-uri: ${auth-server}/oauth/token
user-authorization-uri: ${auth-server}/oauth/authorize
scope: USER
authorized-grant-types: authorization_code
resource:
token-info-uri: ${auth-server}/oauth/check_token
logging:
level:
org.springframework.security: DEBUG
EDIT1 我的客户端应用程序的控制台输出
Redirecting to 'http://localhost:8081/authserver/oauth/authorize?client_id=jan&redirect_uri=http://localhost:8080/login&response_type=code&scope=USER&state=qJE3Rp'
Retrieving token from http://localhost:8081/authserver/oauth/token
2017-08-10 14:47:48.898 DEBUG 17560 --- [nio-8080-exec-2] g.c.AuthorizationCodeAccessTokenProvider : Encoding and sending form: {grant_type=[authorization_code], code=[0zeUdq], redirect_uri=[http://localhost:8080/login]}
2017-08-10 14:47:48.928 DEBUG 17560 --- [nio-8080-exec-2] s.CompositeSessionAuthenticationStrategy : Delegating to org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy@327cec
2017-08-10 14:47:48.929 DEBUG 17560 --- [nio-8080-exec-2] s.CompositeSessionAuthenticationStrategy : Delegating to org.springframework.security.web.csrf.CsrfAuthenticationStrategy@1dd8d6
2017-08-10 14:47:48.929 DEBUG 17560 --- [nio-8080-exec-2] uth2ClientAuthenticationProcessingFilter : Authentication success. Updating SecurityContextHolder to contain: org.springframework.security.oauth2.provider.OAuth2Authentication@e5d78cca: Principal: user; Credentials: [PROTECTED]; Authenticated: true; Details: remoteAddress=0:0:0:0:0:0:0:1, sessionId=<SESSION>, tokenType=bearertokenValue=<TOKEN>; Granted Authorities: ROLE_USER
2017-08-10 14:47:48.929 DEBUG 17560 --- [nio-8080-exec-2] RequestAwareAuthenticationSuccessHandler : Redirecting to DefaultSavedRequest Url: http://localhost:8080/
2017-08-10 14:47:48.929 DEBUG 17560 --- [nio-8080-exec-2] o.s.s.web.DefaultRedirectStrategy : Redirecting to 'http://localhost:8080/'
【问题讨论】:
-
当你说“它让我回到客户端服务器”时,你具体是什么意思?授权服务器是否返回重定向响应?如果是这样,那会将您重定向到哪里?听起来您当时被发送到了错误的 URL。
-
@DaveyDaveDave 我添加了一个编辑,以显示控制台打印出来的内容。要访问我的客户端我去localhost:8080,我需要授权服务器,我登录然后我回到localhost:8080
标签: java spring-boot oauth-2.0