问题:
Spring Security Oauth2客户端获取访问令牌失败,请求代码为415,消息为不支持的媒体类型
沈飞翔
使用Spring Boot,我在一个配置类中设置了一个Oauth2RestTemplatebean,并在属性文件中设置了相应的属性。我使用了Swagger codegen来创建客户端存根。当我尝试调用RESTful API时,Spring无法获取访问令牌,根本原因是“不支持的媒体类型”。下面是stacktrace,我的Spring Security客户端配置,以及我修复的尝试。任何帮助都将不胜感激!
Retrieving token from https://dev-api.some-domain.com/auth/oauth2/v1/token
ClientCredentialsAccessTokenProvider.doWithRequest - Encoding and sending form:
{grant_type=[client_credentials], scope=[read], client_id=[val from props], client_secret=[val from props]}
error="access_denied", error_description="Access token denied.
at org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport.retrieveToken(OAuth2AccessTokenSupport.java:142)
at org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsAccessTokenProvider.obtainAccessToken(ClientCredentialsAccessTokenProvider.java:44)
at org.springframework.security.oauth2.client.token.AccessTokenProviderChain.obtainNewAccessTokenInternal(AccessTokenProviderChain.java:148)
at org.springframework.security.oauth2.client.token.AccessTokenProviderChain.obtainAccessToken(AccessTokenProviderChain.java:121)
at org.springframework.security.oauth2.client.OAuth2RestTemplate.acquireAccessToken(OAuth2RestTemplate.java:221)
at org.springframework.security.oauth2.client.OAuth2RestTemplate.getAccessToken(OAuth2RestTemplate.java:173)
at org.springframework.security.oauth2.client.OAuth2RestTemplate.createRequest(OAuth2RestTemplate.java:105)
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:735)
at org.springframework.security.oauth2.client.OAuth2RestTemplate.doExecute(OAuth2RestTemplate.java:128)
at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:651)
at com.my.co.service.holidays.client.invoker.ApiClient.invokeAPI(ApiClient.java:518)
at com.my.co.service.holidays.client.api.HolidaysApi.getHolidays(kHolidaysApi.java:183)
at com.my.co.service.holiday.HolidaysApiTest.getHolidaysTest(HolidaysApiTest.java:66)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.junit.platform.commons.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:686)
at org.junit.jupiter.engine.execution.MethodInvocation.proceed(MethodInvocation.java:60)
at org.junit.jupiter.engine.execution.InvocationInterceptorChain$ValidatingInvocation.proceed(InvocationInterceptorChain.java:131)
at org.junit.jupiter.engine.extension.TimeoutExtension.intercept(TimeoutExtension.java:149)
at org.junit.jupiter.engine.extension.TimeoutExtension.interceptTestableMethod(TimeoutExtension.java:140)
at org.junit.jupiter.engine.extension.TimeoutExtension.interceptTestMethod(TimeoutExtension.java:84)
at org.junit.jupiter.engine.execution.ExecutableInvoker$ReflectiveInterceptorCall.lambda$ofVoidMethod$0(ExecutableInvoker.java:115)
at org.junit.jupiter.engine.execution.ExecutableInvoker.lambda$invoke$0(ExecutableInvoker.java:105)
at org.junit.jupiter.engine.execution.InvocationInterceptorChain$InterceptedInvocation.proceed(InvocationInterceptorChain.java:106)
at org.junit.jupiter.engine.execution.InvocationInterceptorChain.proceed(InvocationInterceptorChain.java:64)
at org.junit.jupiter.engine.execution.InvocationInterceptorChain.chainAndInvoke(InvocationInterceptorChain.java:45)
at org.junit.jupiter.engine.execution.InvocationInterceptorChain.invoke(InvocationInterceptorChain.java:37)
at org.junit.jupiter.engine.execution.ExecutableInvoker.invoke(ExecutableInvoker.java:104)
at org.junit.jupiter.engine.execution.ExecutableInvoker.invoke(ExecutableInvoker.java:98)
at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.lambda$invokeTestMethod$6(TestMethodTestDescriptor.java:212)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.invokeTestMethod(TestMethodTestDescriptor.java:208)
at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.execute(TestMethodTestDescriptor.java:137)
at org.junit.jupiter.engine.descriptor.TestMethodTestDescriptor.execute(TestMethodTestDescriptor.java:71)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$5(NodeTestTask.java:135)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$7(NodeTestTask.java:125)
at org.junit.platform.engine.support.hierarchical.Node.around(Node.java:135)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$8(NodeTestTask.java:123)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.executeRecursively(NodeTestTask.java:122)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.execute(NodeTestTask.java:80)
at java.util.ArrayList.forEach(ArrayList.java:1257)
at org.junit.platform.engine.support.hierarchical.SameThreadHierarchicalTestExecutorService.invokeAll(SameThreadHierarchicalTestExecutorService.java:38)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$5(NodeTestTask.java:139)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$7(NodeTestTask.java:125)
at org.junit.platform.engine.support.hierarchical.Node.around(Node.java:135)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$8(NodeTestTask.java:123)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.executeRecursively(NodeTestTask.java:122)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.execute(NodeTestTask.java:80)
at java.util.ArrayList.forEach(ArrayList.java:1257)
at org.junit.platform.engine.support.hierarchical.SameThreadHierarchicalTestExecutorService.invokeAll(SameThreadHierarchicalTestExecutorService.java:38)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$5(NodeTestTask.java:139)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$7(NodeTestTask.java:125)
at org.junit.platform.engine.support.hierarchical.Node.around(Node.java:135)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$8(NodeTestTask.java:123)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.executeRecursively(NodeTestTask.java:122)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.execute(NodeTestTask.java:80)
at org.junit.platform.engine.support.hierarchical.SameThreadHierarchicalTestExecutorService.submit(SameThreadHierarchicalTestExecutorService.java:32)
at org.junit.platform.engine.support.hierarchical.HierarchicalTestExecutor.execute(HierarchicalTestExecutor.java:57)
at org.junit.platform.engine.support.hierarchical.HierarchicalTestEngine.execute(HierarchicalTestEngine.java:51)
at org.junit.platform.launcher.core.DefaultLauncher.execute(DefaultLauncher.java:248)
at org.junit.platform.launcher.core.DefaultLauncher.lambda$execute$5(DefaultLauncher.java:211)
at org.junit.platform.launcher.core.DefaultLauncher.withInterceptedStreams(DefaultLauncher.java:226)
at org.junit.platform.launcher.core.DefaultLauncher.execute(DefaultLauncher.java:199)
at org.junit.platform.launcher.core.DefaultLauncher.execute(DefaultLauncher.java:132)
at com.intellij.junit5.JUnit5IdeaTestRunner.startRunnerWithArgs(JUnit5IdeaTestRunner.java:69)
at com.intellij.rt.junit.IdeaTestRunner$Repeater.startRunnerWithArgs(IdeaTestRunner.java:33)
at com.intellij.rt.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:230)
at com.intellij.rt.junit.JUnitStarter.main(JUnitStarter.java:58)
**Caused by: error="invalid_request", error_description="{code=415, message=Unsupported Media Type}"**
at org.springframework.security.oauth2.common.exceptions.OAuth2ExceptionJackson2Deserializer.deserialize(OAuth2ExceptionJackson2Deserializer.java:119)
at org.springframework.security.oauth2.common.exceptions.OAuth2ExceptionJackson2Deserializer.deserialize(OAuth2ExceptionJackson2Deserializer.java:33)
at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4524)
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3519)
at org.springframework.http.converter.json.AbstractJackson2HttpMessageConverter.readJavaType(AbstractJackson2HttpMessageConverter.java:269)
at org.springframework.http.converter.json.AbstractJackson2HttpMessageConverter.readInternal(AbstractJackson2HttpMessageConverter.java:249)
at org.springframework.http.converter.AbstractHttpMessageConverter.read(AbstractHttpMessageConverter.java:199)
at org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport$AccessTokenErrorHandler.handleError(OAuth2AccessTokenSupport.java:237)
at org.springframework.web.client.ResponseErrorHandler.handleError(ResponseErrorHandler.java:63)
at org.springframework.web.client.RestTemplate.handleResponse(RestTemplate.java:782)
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:740)
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:695)
at org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport.retrieveToken(OAuth2AccessTokenSupport.java:137)
... 75 more
下面是我对OAuth2客户端的配置
application.properties:
spring.security.oauth2.holiday.client.clientId=valid_key_is_here
spring.security.oauth2.holiday.client.clientSecret=valid_secret_is_here
spring.security.oauth2.holiday.client.accessTokenUri=https://dev-api.some-domain.com/auth/oauth2/v1/token
spring.security.oauth2.holiday.client.clientAuthenticationScheme=form
spring.security.oauth2.holiday.client.grantType=client_credentials
spring.security.oauth2.holiday.client.scope=read
@Configuration
@EnableOAuth2Client
public class SpringOauthRestClientConfig {
@Bean
@ConfigurationProperties("spring.security.oauth2.holiday.client")
public OAuth2ProtectedResourceDetails oAuthDetails() {
return new ClientCredentialsResourceDetails();
}
@Bean
public RestTemplate restTemplate() {
OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(oAuthDetails());
for (HttpMessageConverter converter : restTemplate.getMessageConverters()) {
if (converter instanceof AbstractJackson2HttpMessageConverter) {
ObjectMapper mapper = ((AbstractJackson2HttpMessageConverter) converter).getObjectMapper();
mapper.registerModule(new JavaTimeModule());
}
}
// This allows us to read the response more than once - Necessary for debugging.
restTemplate.setRequestFactory(new BufferingClientHttpRequestFactory(restTemplate.getRequestFactory()));
return restTemplate;
}
}
我已经尝试扩展Spring类ClientCreentialsAccessTokenProvider来提供我自己的obtainAccessToken()方法的实现,这样我就可以在头中设置Content-Type。然后我将我的自定义类注入到RestTemboard中。当Spring尝试获取访问令牌时,仍然会出现相同的错误。
public class ClientCredentialsCustomAccessTokenProvider extends ClientCredentialsAccessTokenProvider {
@Override
public OAuth2AccessToken obtainAccessToken(OAuth2ProtectedResourceDetails details, AccessTokenRequest request) throws UserRedirectRequiredException, AccessDeniedException, OAuth2AccessDeniedException {
ClientCredentialsResourceDetails resource = (ClientCredentialsResourceDetails)details;
HttpHeaders headers1 = new HttpHeaders();
headers1.add("Content-Type", "application/x-www-form-urlencoded");
return retrieveToken(request, resource, this.getParametersForTokenRequest(resource), headers1);
}
如果我使用邮递员点击授权服务器,我会成功取回一个令牌
{
"tokenType": "BearerToken",
"expiresIn": "899",
"accessToken": "dv6fnhBALtNzlhjMyCRfa9JDYodd"
}
在Postman中使用这些设置
POST request,
Authorization - Basic with my client_id/secret as username/password,
Headers - Content-Type = application/x-www-form-urlencoded,
Body - grant_type = client_credentials
在JUnit测试中,我可以使用Postman的响应来设置令牌值(并绕过restemplate的Spring注入),并调用服务而不会出现问题。
HolidaysApi api = new HolidaysApi();
OAuth oAuth2 = (OAuth) api.getApiClient().getAuthentication("OAuth2");
oAuth2.setAccessToken("dv6fnhBALtNzlhjMyCRfa9JDYodd");
共有1个答案
陆俊迈
在我的例子中,Spring正在使用FormHttpMessageConver类来准备超文本传输协议POST请求到auth服务器,它附加到Content-Type头“charset=UTF-8”。我正在访问的授权服务器不允许它所期望的Content-Type以外的任何内容(应用程序/x-www-form-urlencoded)。可能还有其他方法,但我最终使用了我自己的CustomFormHttpMessageConader,它将Content-Type正确设置为OAuth2RestTemboardbean。下面,我以相反的顺序显示内容:
基本上复制了SpringFormHttpMessageConverter类,并创建了一个自定义类,将writeMultipart()方法更改为在不使用字符集的情况下设置内容类型:
public class CustomFormHttpMessageConverter implements HttpMessageConverter<MultiValueMap<String, ?>> {
...
writeMultipart(...) {
...
outputMessage.getHeaders().setContentType(MediaType.APPLICATION_FORM_URLENCODED);
}
}
然后,您需要使用自定义消息转换器类:
public class CustomOAuth2AuthTokenCallback implements RequestCallback {
protected final Log logger = LogFactory.getLog(this.getClass());
private final MultiValueMap<String, String> form;
private final HttpHeaders headers;
protected CustomOAuth2AuthTokenCallback(MultiValueMap<String, String> form, HttpHeaders headers) {
this.form = form;
this.headers = headers;
}
public void doWithRequest(ClientHttpRequest request) throws IOException {
request.getHeaders().putAll(this.headers);
request.getHeaders().setAccept(Arrays.asList(MediaType.APPLICATION_JSON, MediaType.APPLICATION_FORM_URLENCODED));
if (this.logger.isDebugEnabled()) {
this.logger.debug("Encoding and sending form: " + this.form);
}
CustomFormHttpMessageConverter formHttpMessageConverter = new CustomFormHttpMessageConverter();
formHttpMessageConverter.setCharset(null);
formHttpMessageConverter.setMultipartCharset(null);
formHttpMessageConverter.write(this.form, MediaType.APPLICATION_FORM_URLENCODED, request);
}
}
现在,我们需要确保使用自定义回调:
public class ClientCredentialsCustomAccessTokenProvider extends ClientCredentialsAccessTokenProvider {
@Override
protected RequestCallback getRequestCallback(OAuth2ProtectedResourceDetails resource, MultiValueMap<String, String> form, HttpHeaders headers) {
return new CustomOAuth2AuthTokenCallback(form, headers);
}
}
我在属性文件中有一个客户信息的自定义位置,所以我使用:
@Bean
@ConfigurationProperties("spring.security.oauth2.holiday.client")
public OAuth2ProtectedResourceDetails oAuthDetails() {
ClientCredentialsResourceDetails details = new ClientCredentialsResourceDetails();
return details;
}
现在我们有了带有自定义令牌回调的提供者bean。此时,我们只需要告诉rest模板要使用哪个提供程序:
@Configuration
@EnableOAuth2Client
public class SpringOauthRestClientConfig {
@Bean
public RestTemplate restTemplate(OAuth2ProtectedResourceDetails oAuthDetails) {
OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(oAuthDetails);
restTemplate.setAccessTokenProvider(new
ClientCredentialsCustomAccessTokenProvider());
restTemplate.setRequestFactory(new BufferingClientHttpRequestFactory(restTemplate.getRequestFactory()));
return restTemplate;
}
我没有经历所有这些,只是为了使用客户机凭据获取基本身份验证的令牌,而是通过以下途径(使用HttpEntity)
String url = "https://some-domain.com/auth/oauth2/v1/token";
String credentials = "some-client-key:some-client-password";
String encodedCredentials = new String(Base64.encodeBase64(credentials.getBytes()));
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
headers.setAccept(Arrays.asList(MediaType.TEXT_HTML, MediaType.APPLICATION_JSON));
headers.add("Authorization", "Basic " + encodedCredentials);
HttpEntity<String> request = new HttpEntity<>("grant_type=client_credentials", headers);
ResponseEntity<Oauth2Token> response = restTemplate.exchange(url, HttpMethod.POST, request, Oauth2Token.class);
boolean isSuccess = response.getStatusCode().is2xxSuccessful();
HttpHeaders respHeaders = response.getHeaders();
Oauth2Token body = response.getBody();
类似资料:
-
componentDidMount(){
-
我必须做的是,我必须在给定的URL中发布JSON数据,其中JSON看起来像 和我的功能 当我张贴它的时候;我得到一个错误 “远程服务器返回错误:(415)不支持的媒体类型。” 有人知道吗;我错在哪里?
-
我正在将一些代码移动到Web API中,我只希望接受完美的请求(按顺序发送数据、按顺序发送所有头等),并拒绝其他请求。现在我有了它,如果一个完美的请求进来,那么它返回一个正确的输出,带有一个200 OK状态代码,如果一个错误的请求进来(也就是一个未正确欺骗的请求),那么它返回一个404 not FOUND。 我的控制器中的函数都有一个带有FromBody属性的参数,所以这意味着如果请求使用内容类型
-
问题内容: 自数小时以来,我一直在尝试纠正http错误,但它仍显示不支持的页面。我在邮递员中添加标题。 这是我的Java代码 这是我的档案 问题答案: 通过和如何在响应流和请求流之间对对象进行序列化和反序列化。 将会发生的是,将从提供者的注册表中进行搜索,以查找可以处理的媒体类型。如果找不到,则Jersey无法处理该请求,并将发送415不支持的媒体类型。通常,你还应该在服务器端记录一个异常。不知道
-
我已经创建了一个示例web服务来进行post调用。 我使用的是Jersey JAX-RS和Maven。
-
问题内容: 我正在尝试使用jQuery 1.6(Jackson 2.1.1 和Spring 3.2.0 )通过JSON通过该方法向数据库中插入和/或更新数据。 JS代码如下。 通过URL映射的Spring控制器内部的方法如下。 服务器按照问题的含义进行响应, 415不支持的媒体类型 标头信息如下所示。 整个文件如下。 当我删除一个方法参数并仅用于接受请求参数时,它可以工作。 问题答案: 浏览器发送