问题：

RestController在oauth2 Spring Boot中不工作

呼延辰龙

2023-03-14

我已经安装了auth服务器和资源服务器，如以下文章http://www.hascode.com/2016/03/setting-up-an-oauth2-authorization-server-and-resource-provider-with-spring-boot/所述

我下载了代码，它运行良好。现在的问题是，在资源提供者项目中只有一个RestController注释类，如下所示

package com.hascode.tutorial;

import java.util.UUID;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Scope;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@SpringBootApplication
@RestController
@EnableResourceServer
public class SampleResourceApplication {
    public static void main(String[] args) {
        SpringApplication.run(SampleResourceApplication.class, args);
    }

    @RequestMapping("/")
    public String securedCall() {
        return "success (id: " + UUID.randomUUID().toString().toUpperCase() + ")";
    }
}

@RestController
@RequestMapping("/public")
public class PersonController {

    @Autowired
    private PersonRepository personRepo;

    @RequestMapping(value = "/person", method = RequestMethod.GET)
    public ResponseEntity<Collection<Person>> getPeople() {
        return new ResponseEntity<>(personRepo.findAll(), HttpStatus.OK);
    }

    @RequestMapping(value = "/{id}", method = RequestMethod.GET)
    public ResponseEntity<Person> getPerson(@PathVariable long id) {
        Person person = personRepo.findOne(id);

        if (person != null) {
            return new ResponseEntity<>(personRepo.findOne(id), HttpStatus.OK);
        } else {
            return new ResponseEntity<>(null, HttpStatus.NOT_FOUND);
        }
    }

    @RequestMapping(method = RequestMethod.POST)
    public ResponseEntity<?> addPerson(@RequestBody Person person) {
        return new ResponseEntity<>(personRepo.save(person), HttpStatus.CREATED);
    }

    @RequestMapping(value = "/{id}", method = RequestMethod.DELETE)
    public ResponseEntity<Void> deletePerson(@PathVariable long id, Principal principal) {
        Person currentPerson = personRepo.findByUsername(principal.getName());

        if (currentPerson.getId() == id) {
            personRepo.delete(id);
            return new ResponseEntity<Void>(HttpStatus.OK);
        } else {
            return new ResponseEntity<Void>(HttpStatus.UNAUTHORIZED);
        }
    }

    @RequestMapping(value = "/{id}/parties", method = RequestMethod.GET)
    public ResponseEntity<Collection<Party>> getPersonParties(@PathVariable long id) {
        Person person = personRepo.findOne(id);

        if (person != null) {
            return new ResponseEntity<>(person.getParties(), HttpStatus.OK);
        } else {
            return new ResponseEntity<>(null, HttpStatus.NOT_FOUND);
        }
    }

}

{
    "timestamp": 1508752923085,
    "status": 404,
    "error": "Not Found",
    "message": "No message available",
    "path": "/resources/public/person"
}

成功(ID:27DCEF5E-AF11-4355-88C5-150F804563D0)

我应该在任何地方注册Contoller吗？还是我缺少任何配置

https://bitbucket.org/hascode/spring-oauth2-示例

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;

@Configuration
@EnableResourceServer
public class ResourceServerConfiguration  extends ResourceServerConfigurerAdapter {

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
        .anonymous().and()
        .authorizeRequests()
        .antMatchers("/resources/public/**").permitAll()
        .antMatchers("/resources/private/**").authenticated();
    }
}

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableWebSecurity
public class OAuth2SecurityConfiguration extends WebSecurityConfigurerAdapter {
    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
        .anonymous().and()
        .authorizeRequests()
        .antMatchers("/resources/public/**").permitAll()
        .antMatchers("/resources/private/**").authenticated();
    }
}

@Override
    public void configure(HttpSecurity http) throws Exception {
         http.authorizeRequests()
         .antMatchers("/resources/public/**").permitAll() //Allow register url
         .anyRequest().authenticated().and()
         .antMatcher("/resources/**").authorizeRequests() //Authenticate all urls with this body /api/home, /api/gallery
         .antMatchers("/resources/**").hasRole("ADMIN")
         .and().exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler()); //This is optional if you want to handle exception
    }

共有1个答案

松翔

2023-03-14

通过在配置类上使用@componentscan或将PersonController移动到用@springbootapplication注释的主类中或主类下的包，使您的新控制器PersonController可通过Spring Boot发现。

第二次修复OAuth2SecurityConfiguration类，如下所示

@Configuration
@EnableWebSecurity
public class OAuth2SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .csrf().disable()
            .anonymous().disable()
            .authorizeRequests()
            .antMatchers("/oauth/token").permitAll(); //This will permit the (oauth/token) url for getting access token from the oauthserver.
    }        

}

现在修复您的资源服务器，如下所示

@Configuration
@EnableResourceServer
public class ResourceServerConfiguration  extends ResourceServerConfigurerAdapter {

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
            .antMatchers("/api/v1/register", "/api/v1/publicOne", "/api/v1/publicTwo").permitAll() //Allow urls
            .anyRequest().authenticated().and()
            .antMatcher("/api/**").authorizeRequests() //Authenticate all urls with this body /api/home, /api/gallery
            .antMatchers("/api/**").hasRole("ADMIN")
            .and().exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler()); //This is optional if you want to handle exception
    }
}

注意：您可以根据上面的答案自定义您的URL。

类似资料：

其他包中的@RestController不工作

我从学习Spring开始，创建基本项目，创建数据库，插入值，然后在web浏览器中打印。我的问题是，当我把RestController放在同一个包中，就像main class一样--这是可以的，但是我想把它分发到其他包中，并且当我创建新包时，移动RestController就不起作用了。让met解释：我的项目看起来像：我的pom.xml看起来像它是自动生成的，我只写一个依赖项
Java spring boot restcontroller不工作

我写了简单的java Spring boot应用程序代码在应用程序中，我有3个类文件 > 学生类-POCO类包含以下代码导入java。时间本地日期；公开课学生{ } StudentController类--控制器包含以下代码包学生；导入java.time.LocalDate；导入java.util.列表；导入org.springframework.web.bind.annotation.
@RestController不带@ResponseBody的方法工作不正确

我有以下控制器：我只找到了与mvc配置相关的部分：
LocalDate不能在spring@RestController中映射

以下示例适用于请求，但不适用于。我的目标是让spring自动从input（请求正文和查询参数）解析：作品： POSTlocalhost:8080/datetime 但GET也不适用：获取localhost:8080/datetime？日期=2022-02-02 结果： org.springframework.web.bind.support.WebExchangeBindException：方
RestController在SpringBoot中工作得很好，但在Tomcat上抛出404

我有一个简单的RestController应用程序- 它在SpringBoot（http://localhost:8080/greeting）上工作得很好，但是当我创建一个WAR并将其部署到Tomcat(9.0.2)上时，它会抛出一个404。
其他包中的@RestController不起作用

问题内容：我从学习Spring开始，我创建了一个基本项目，该项目创建数据库，插入值，然后在Web浏览器中打印它。我的问题是，当我将RestController和主类放在同一个包中时- 可以，但是我想将其分发到其他包中，而当我创建新包时，移动RestController则不起作用。让我们见面解释：我的项目看起来像：我的控制器看起来：当一切都在包，我写的网络浏览器的http：//本地主机：80

RestController在oauth2 Spring Boot中不工作

共有1个答案

相关问答

相关文章

相关阅读

相关工具

相关文档