从 Jdbc 对象存储加载 oauth2 访问令牌时的类转换异常
在Mule EE 3.8.5中,当加载oauth2访问令牌时,我得到了ClassCastException。我使用的是mule-module-security-oauth2-provider版本1.7.2和mule-module-objectstore 2.1.0
stracktraces开始:
java.lang.ClassCastException: java.lang.String cannot be cast to org.mule.modules.oauth2.provider.token.AccessTokenStoreHolder
at org.mule.modules.oauth2.provider.token.ObjectStoreTokenStore.retrieveByAccessToken(ObjectStoreTokenStore.java:38)
at org.mule.modules.oauth2.provider.token.TokenManager.getNonExpiredAccessTokenHolder(TokenManager.java:116)
at org.mule.modules.oauth2.provider.OAuth2ProviderModule.validate(OAuth2ProviderModule.java:543)
at org.mule.modules.oauth2.provider.processors.ValidateMessageProcessor$1.process(ValidateMessageProcessor.java:178)
at org.mule.modules.oauth2.provider.adapters.OAuth2ProviderModuleProcessAdapter$1.execute(OAuth2ProviderModuleProcessAdapter.java:36)
at org.mule.modules.oauth2.provider.processors.ValidateMessageProcessor.doProcess(ValidateMessageProcessor.java:164)
我的配置将令牌成功存储到一个简单的 H2 数据库表中,格式为:
创建一个表ACCESSTOKENOBJECTSTORE(k varchar(1000),v varchar(1000000))
我可以看到这个表中正在创建的令牌,但是在尝试验证令牌时,我得到了ClassCastException。我的流程看起来像:
<?xml version="1.0" encoding="UTF-8"?>
http://www.mulesoft.org/schema/mule/objectstore/current/mule-objectstore.xsdhttp://www.mulesoft.org/schema/mule/oauth2http://www.mulesoft.org/schema/mule/oauth2/current/mule-oauth2.xsdhttp://www.springframework.org/schema/beanshttp://www.springframework.org/schema/beanshttp://www.springframework.org/schema/beans/spring-beans-current.xsdhttp://www.mulesoft.org/schema/mule/corehttp://www.mulesoft.org/schema/mule/core/current/mule.xsdhttp://www.mulesoft.org/schema/mule/httphttp://www.mulesoft.org/schema/mule/http/current/mule-http.xsdhttp://www.mulesoft.org/schema/mule/oauth2-providerhttp://www.mulesoft.org/schema/mule/oauth2-provider/current/mule-oauth2-provider.xsdhttp://www.mulesoft.org/schema/mule/api-platform-gwhttp://www.mulesoft.org/schema/mule/api-platform-gw/current/mule-api-platform-gw.xsdhttp://www.mulesoft.org/schema/mule/ee/trackinghttp://www.mulesoft.org/schema/mule/ee/tracking/current/mule-tracking-ee.xsdhttp://www.mulesoft.org/schema/mule/corshttp://www.mulesoft.org/schema/mule/cors/current/mule-cors.xsdhttp://www.mulesoft.org/schema/mule/spring-securityhttp://www.mulesoft.org/schema/mule/spring-security/current/mule-spring-security.xsdhttp://www.mulesoft.org/schema/mule/objectstorehttp://www.mulesoft.org/schema/mule/ee/jdbc/current/mule-jdbc-ee.xsd”
<spring:beans>
<spring:bean id="dataSource" class="com.zaxxer.hikari.HikariDataSource"
name="dataSource">
<spring:property name="jdbcUrl"
value="jdbc:h2:tcp://localhost/~/h2/h2db" />
<spring:property name="username" value="sa" />
<spring:property name="password" value="sa" />
</spring:bean>
<spring:bean name="accessTokenJdbcStore"
class="org.mule.transport.jdbc.store.JdbcObjectStore">
<spring:property name="jdbcConnector" ref="accessTokenJdbcConnector"></spring:property>
<spring:property name="insertQueryKey" value="insertQueryKey"></spring:property>
<spring:property name="selectQueryKey" value="selectQueryKey"></spring:property>
<spring:property name="deleteQueryKey" value="deleteQueryKey"></spring:property>
<spring:property name="clearQueryKey" value="clearQueryKey"></spring:property>
</spring:bean>
<spring:bean name="refreshTokenJdbcStore"
class="org.mule.transport.jdbc.store.JdbcObjectStore">
<spring:property name="jdbcConnector" ref="refreshTokenJdbcConnector"></spring:property>
<spring:property name="insertQueryKey" value="insertQueryKey"></spring:property>
<spring:property name="selectQueryKey" value="selectQueryKey"></spring:property>
<spring:property name="deleteQueryKey" value="deleteQueryKey"></spring:property>
<spring:property name="clearQueryKey" value="clearQueryKey"></spring:property>
</spring:bean>
<spring:bean name="tokenStore"
class="org.mule.modules.oauth2.provider.token.ObjectStoreTokenStore">
<spring:property name="refreshTokenObjectStore" ref="refreshTokenJdbcStore" />
<spring:property name="accessTokenObjectStore" ref="accessTokenJdbcStore" />
</spring:bean>
</spring:beans>
<jdbc-ee:connector name="refreshTokenJdbcConnector"
pollingFrequency="1000" dataSource-ref="dataSource"
transactionPerMessage="false" doc:name="Database">
<jdbc-ee:query key="insertQueryKey"
value="insert into REFRESHTOKENOBJECTSTORE (k,v) values (?,?)"></jdbc-ee:query>
<jdbc-ee:query key="selectQueryKey"
value="select k,v from REFRESHTOKENOBJECTSTORE where k = ?"></jdbc-ee:query>
<jdbc-ee:query key="deleteQueryKey"
value="delete from REFRESHTOKENOBJECTSTORE where k = ?"></jdbc-ee:query>
<jdbc-ee:query key="clearQueryKey" value="delete from REFRESHTOKENOBJECTSTORE"></jdbc-ee:query>
</jdbc-ee:connector>
<jdbc-ee:connector name="accessTokenJdbcConnector"
pollingFrequency="1000" dataSource-ref="dataSource"
transactionPerMessage="false" doc:name="Database">
<jdbc-ee:query key="insertQueryKey"
value="insert into ACCESSTOKENOBJECTSTORE (k,v) values (?,?)"></jdbc-ee:query>
<jdbc-ee:query key="selectQueryKey"
value="select k,v from ACCESSTOKENOBJECTSTORE where k = ?"></jdbc-ee:query>
<jdbc-ee:query key="deleteQueryKey"
value="delete from ACCESSTOKENOBJECTSTORE where k = ?"></jdbc-ee:query>
<jdbc-ee:query key="clearQueryKey" value="delete from ACCESSTOKENOBJECTSTORE"></jdbc-ee:query>
</jdbc-ee:connector>
<objectstore:config name="accessTokenObjectStore"
objectStore-ref="accessTokenJdbcStore"></objectstore:config>
<objectstore:config name="refreshTokenObjectStore"
objectStore-ref="refreshTokenJdbcStore"></objectstore:config>
<oauth2-provider:config name="OAuth_provider_module"
html" target="_blank">accessTokenEndpointPath="oauth/token" providerName="CustomProvider"
authorizationEndpointPath="oauth/authorize" listenerConfig-ref="HTTP_Listener_Configuration"
supportedGrantTypes="CLIENT_CREDENTIALS" doc:name="OAuth provider module"
scopes="SOMETHING" enableRefreshToken="true" tokenStore-ref="tokenStore">
<oauth2-provider:clients>
<oauth2-provider:client clientId="abc" secret="def"
type="CONFIDENTIAL">
<oauth2-provider:authorized-grant-types>
<oauth2-provider:authorized-grant-type>CLIENT_CREDENTIALS</oauth2-provider:authorized-grant-type>
</oauth2-provider:authorized-grant-types>
<oauth2-provider:scopes>
<oauth2-provider:scope>SOMETHING</oauth2-provider:scope>
</oauth2-provider:scopes>
</oauth2-provider:client>
</oauth2-provider:clients>
</oauth2-provider:config>
<http:listener-config name="HTTP_Listener_Configuration"
host="0.0.0.0" port="8081" doc:name="HTTP Listener Configuration" />
<flow name="oauthFlow">
<http:listener config-ref="HTTP_Listener_Configuration"
doc:name="HTTP" path="/api" />
<oauth2-provider:validate config-ref="OAuth_provider_module"
doc:name="OAuth provider module" scopes="SOMETHING" />
<custom-processor
class="com.mulesoft.module.oauth2.ValidatorResponseBuilder" doc:name="Java" />
</flow>
更新:
blob类型更适合v列。但是,对于DB2驱动程序,这会导致:
Caused by: java.sql.SQLException: [jcc][1091][10824][4.13.127] Invalid data conversion: Parameter instance org.mule.modules.oauth2.provider.token.AccessTokenStoreHolder@4ca9421d is invalid for the requested conversion. ERRORCODE=-4461, SQLSTATE=42815 Query: insert into ACCESSTOKENOBJECTSTORE (k,v) values (?,?) Parameters: [934GcogFNLR6U6r9uFYa4ABwyYY7CU-O5UP966_38T-Q0JqssQf_ZZWg-tF73jgMoDTUqoPcXD9HT1bYBMvLyQ, org.mule.modules.oauth2.provider.token.AccessTokenStoreHolder@4ca9421d]
at org.apache.commons.dbutils.QueryRunner.rethrow(QueryRunner.java:540) ~[commons-dbutils-1.2.jar:1.2]
at org.apache.commons.dbutils.QueryRunner.update(QueryRunner.java:597) ~[commons-dbutils-1.2.jar:1.2]
at org.apache.commons.dbutils.QueryRunner.update(QueryRunner.java:653) ~[commons-dbutils-1.2.jar:1.2]
at org.mule.transport.jdbc.store.JdbcObjectStore$2.process(JdbcObjectStore.java:205) ~[mule-transport-jdbc-3.8.5.jar:3.8.5]
共有1个答案
你的配置对我来说似乎很好。< br >我所做的唯一改变是改变创建DB表的方式及其数据类型。< br >以下脚本将帮助您在h2 db中创建具有准确数据类型的表:
CREATE TABLE IF NOT EXISTS ACCESSTOKENOBJECTSTORE (
id NUMBER AUTO_INCREMENT,
k VARCHAR(256),
v OTHER,
constraint ACCESSTOKENOBJECTSTORE_pk PRIMARY KEY(id)
);
-
问题内容: 我遇到一种情况,我想自己创建一个访问令牌(因此不能通过通常的过程)。我想出了这样的东西: 唯一的问题是我不确定如何创建OAuth2Authentication(在我的代码中带有xxx的部分)。我有用户和客户信息,我知道我想授予该令牌的单位。 问题答案: 在这里,根据使用的流程,您的用例可能会略有不同。这适用于密码授予流程。有一些自定义类,如令牌存储,令牌增强器等。但这实际上只是为满足我
-
我正在尝试构建一个Spring Boot REST API,它将实现社交登录(Spotify)。成功登录Spotify后,我想将Spotify access_令牌存储在我生成的JWT令牌中,以便能够访问我的后端。我需要一个Spotify访问令牌,以便能够对Spotify进行API调用(几乎所有对我的应用程序的请求都需要调用Spotify API)。在JWT中存储外部服务的访问令牌是一种好做法吗?或
-
这是我第一次使用谷歌的驱动器api,所以如果我做错了什么,我提前道歉。 以下是我得到的: 我使用一个web应用程序手动遍历OAuth2舞蹈,以便在TokenResponse中获得AccessToken、RefreshToken和TokenType。那些值都成功地回来了,我存储了它们。 现在,我已经深入谷歌文档好几天了,几乎不知所措。我开始研究他们提供的DrEdit解决方案,但它引用了在他们最近的A
-
我得到的令牌是: http://localhost:8080/servicesmem/oauth/token?username=myuser&password=mypassword&grant_type=password&scope=read,write,trust 我得到: 我得到: 我使用头:Authorization Bearer ACCESS_TOKEN,但我得到了同样的错误。我错过了什么
-
null 实现基于Spring Boot with Spring Security(OAuth2)。我有以下工作2LA流程: RP可以使用和向AS发送访问令牌请求。 AS使用访问令牌响应RP。 RP能够使用所述接入令牌向RS发出授权请求。 RS能够使用AS上的endpoint验证访问令牌。 问题:在上面的步骤1中,我需要对我的AS进行哪些更改,以便它接受基于JWT的访问令牌请求? RP OAuth
-
我试图设计一个应用程序,从我的谷歌云存储帐户下载适当的声音文件。该应用程序不访问用户帐户,但我自己的帐户。 我的阅读让我相信,最合适的模式是服务账户https://code.google.com/p/google-api-java-client/wiki/OAuth2#Service_Accounts 不幸的是,开发人员决定不提供Android的例子。他们确实提供了一个很好的例子,只是简单的Jav