我试图做一个简单的Spring启动oau2应用程序,我面临的问题, /oauth/authorize是不匹配到oau2服务器endpoint。该endpoint甚至没有列在可用的apis列表中
我的代码:
package com.example;
import java.security.Principal;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
@SpringBootApplication
@RestController
@EnableResourceServer
public class DemoApplication extends WebMvcConfigurerAdapter{
public static void main(String[] args) {
SpringApplication.run(DemoApplication.class, args);
}
@Configuration
@EnableAuthorizationServer
protected static class OAuth2Config extends AuthorizationServerConfigurerAdapter {
@Autowired
private AuthenticationManager authenticationManager;
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.authenticationManager(authenticationManager);
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.inMemory().withClient("foo").secret("foosecret")
.authorizedGrantTypes("authorization_code", "refresh_token", "password").scopes("openid");
}
}
@RequestMapping("/user")
public Principal user(Principal user) {
return user;
}
}
和应用程序属性:
server.port=9000
security.user.name=bar
security.user.password=barsecret
#server.contextPath=/
#security.oauth2.client.clientId=foo
#security.oauth2.client.clientSecret=foosecret
#security.oauth2.client.authorized-grant-types=authorization_code,refresh_token,password
#security.oauth2.client.scope=picture
logging.level.org.springframework.web=debug
logging.level.org.springframework.security=trace
logging.level.org.springframework.web-security=trace
当我尝试此请求时:
查看此处Oauth代码请求的图像,打印日志,并且没有匹配器映射到/oauth/authorize
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/css/**']
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/authorize'; against '/css/**'
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/js/**']
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/authorize'; against '/js/**'
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/images/**']
....
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/authorize'; against '/**/favicon.ico'
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/error']
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/authorize'; against '/error'
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : No matches found
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/oauth/token']
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/authorize'; against '/oauth/token'
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/oauth/token_key']
2017-01-03 00:00:10.310 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/authorize'; against '/oauth/token_key'
2017-01-03 00:00:10.310 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/oauth/check_token']
2017-01-03 00:00:10.310 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/authorize'; against '/oauth/check_token'
2017-01-03 00:00:10.310 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : No matches found
2017-01-03 00:00:10.313 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/pause']
...
2017-01-03 00:00:10.316 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/resume/']
2017-01-03 00:00:10.316 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/authorize'; against '/resume/'
2017-01-03 00:00:10.316 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/metrics']
...
2017-01-03 00:00:10.318 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/authorize'; against '/configprops/'
2017-01-03 00:00:10.318 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : No matches found
2017-01-03 00:00:10.318 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/**']
2017-01-03 00:00:10.318 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Request '/oauth/authorize' matched by universal pattern '/**'
2017-01-03 00:00:10.318 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : matched
2017-01-03 00:00:10.319 DEBUG 10988 --- [nio-9000-exec-1] o.s.security.web.FilterChainProxy : /oauth/authorize?response_type=code&client_id=foo&redirect_uri=http://www.google.com at position 1 of 11 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2017-01-03 00:00:10.320 DEBUG 10988 --- [nio-9000-exec-1] o.s.security.web.FilterChainProxy : /oauth/authorize?response_type=code&client_id=foo&redirect_uri=http://www.google.com at position 2 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2017-01-03 00:00:10.320 DEBUG 10988 --- [nio-9000-exec-1] o.s.security.web.FilterChainProxy : /oauth/authorize?response_type=code&client_id=foo&redirect_uri=http://www.google.com at position 3 of 11 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@33b1c010
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.security.web.FilterChainProxy : /oauth/authorize?response_type=code&client_id=foo&redirect_uri=http://www.google.com at position 4 of 11 in additional filter chain; firing Filter: 'LogoutFilter'
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', GET]
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/authorize'; against '/logout'
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', POST]
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /oauth/authorize' doesn't match 'POST /logout
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', PUT]
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /oauth/authorize' doesn't match 'PUT /logout
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', DELETE]
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /oauth/authorize' doesn't match 'DELETE /logout
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : No matches found
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.security.web.FilterChainProxy : /oauth/authorize?response_type=code&client_id=foo&redirect_uri=http://www.google.com at position 5 of 11 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
2017-01-03 00:00:10.323 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.a.www.BasicAuthenticationFilter : Basic Authentication Authorization header found for user 'foo'
2017-01-03 00:00:10.325 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.authentication.ProviderManager : Authentication attempt using org.springframework.security.authentication.dao.DaoAuthenticationProvider
2017-01-03 00:00:10.327 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.a.dao.DaoAuthenticationProvider : User 'foo' not found
2017-01-03 00:00:10.330 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.a.www.BasicAuthenticationFilter : Authentication request for failed: org.springframework.security.authentication.BadCredentialsException: Bad credentials
2017-01-03 00:00:10.330 DEBUG 10988 --- [nio-9000-exec-1] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
2017-01-03 00:00:10.340 DEBUG 10988 --- [nio-9000-exec-1] o.s.web.servlet.DispatcherServlet : DispatcherServlet with name 'dispatcherServlet' processing GET request for [/error]
2017-01-03 00:00:10.351 DEBUG 10988 --- [nio-9000-exec-1] s.w.s.m.m.a.RequestMappingHandlerMapping : Looking up handler method for path /error
2017-01-03 00:00:10.354 DEBUG 10988 --- [nio-9000-exec-1] s.w.s.m.m.a.RequestMappingHandlerMapping : Returning handler method [public org.springframework.http.ResponseEntity<java.util.Map<java.lang.String, java.lang.Object>> org.springframework.boot.autoconfigure.web.BasicErrorController.error(javax.servlet.http.HttpServletRequest)]
2017-01-03 00:00:10.355 DEBUG 10988 --- [nio-9000-exec-1] o.s.web.servlet.DispatcherServlet : Last-Modified value for [/error] is: -1
2017-01-03 00:00:10.422 DEBUG 10988 --- [nio-9000-exec-1] o.s.w.s.m.m.a.HttpEntityMethodProcessor : Written [{timestamp=Tue Jan 03 00:00:10 IST 2017, status=401, error=Unauthorized, message=Bad credentials, path=/oauth/authorize}] as "application/json" using [org.springframework.http.converter.json.MappingJackson2HttpMessageConverter@761956ac]
2017-01-03 00:00:10.422 DEBUG 10988 --- [nio-9000-exec-1] o.s.web.servlet.DispatcherServlet : Null ModelAndView returned to DispatcherServlet with name 'dispatcherServlet': assuming HandlerAdapter completed request handling
2017-01-03 00:00:10.422 DEBUG 10988 --- [nio-9000-exec-1] o.s.web.servlet.DispatcherServlet : Successfully completed request
项目源zip:https://filehost.net/4aa76878c969c76c
您正在使用@EnableResourceServer
。您需要使用@EnableAuthorizationServer
。
OAuth2 术语中的资源服务器是接受来自授权服务器的 OAuth2 令牌的服务。
问题内容: 我正在尝试为各个字段使用不同的分析器设置ElasticSearch索引。但是,我似乎找不到一种设置特定于字段的分析器的方法。这是我创建(测试)索引的方法: 如果我正确阅读了文档,则应创建类型为“ tweet”的索引“ twitter”,并且应通过雪球词根分析器分析“ message”字段的内容。为了对此进行测试,我尝试了以下查询: 如果我没记错的话,那应该会受到打击,因为战斗是战斗的源
我已经定义了对象HomeContentDTO和SubscriberUpsertDTO的映射 下面是这两个对象的映射配置 HomeContentDTO中的所有映射值都没有复制到SubscriberUpsertDTO。有人知道原因吗?
有一个重定向到登录页面,在输入凭据并提交表单后,身份验证在服务器上成功。 之后,我希望流继续授权,并转到irder中org.springframework.security.oauth2.provider.endpoint.authorizationendpoint中的oauth/authorizeendpoint,生成授权代码并将其发送回客户端应用程序。但事实并非如此。 请帮我说清楚为什么?为什
在代码中使用XSLT 2.0的字符映射功能时,我遇到了以下错误。 名称空间中的元素“样式表”http://www.w3.org/1999/XSL/Transform'命名空间中的子元素'character map'无效'http://www.w3.org/1999/XSL/Transform“是的 这是我的XSLT声明 请提供有关如何在XSLT中使用字符映射的帮助。
当我访问localhost:8080/home-我得到: 当我访问localhost:8080/或localhost:8080/index时,看起来一切正常。 为什么一条路行得通,而另一条行不通? 还有一件事让我困惑:localhost:8080/homepage。html-返回我的主视图。 所以我的项目在这里:https://github.com/IRus/jMusic 我的web.xml se
我使用fasterxml jackson进行json序列化。我已将日期序列化程序编写为 但它没有被调用。然而,其他Jackson序列化程序运行良好。 现在日期正被正确序列化。但是现在有效的JSON等效字符串并没有像这里提到的那样转换为JSON。