Spring Security OAuth2 在没有 JWT 的情况下无法工作-6ren

Spring Security OAuth2 在没有 JWT 的情况下无法工作

转载作者：行者123 更新时间：2023-12-02 06:46:41

我正在尝试实现 Spring Security and Angular JS 中的 OAuth2 示例教程，但我在没有 JWT 的情况下使其工作时遇到问题。该示例的代码可以找到 here .

我对示例进行了以下修改，以尝试使其在没有 JWT 的情况下正常工作。

/resource/src/main/resources/application.properties

server.port: 9998
server.contextPath: /resource
logging.level.org.springframework.security: DEBUG
#spring.oauth2.resource.jwt.keyValue: -----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGp/Q5lh0P8nPL21oMMrt2RrkT9AW5jgYwLfSUnJVc9G6uR3cXRRDCjHqWU5WYwivcF180A6CWp/ireQFFBNowgc5XaA0kPpzEtgsA5YsNX7iSnUibB004iBTfU9hZ2Rbsc8cWqynT0RyN4TP1RYVSeVKvMQk4GT1r7JCEC+TNu1ELmbNwMQyzKjsfBXyIOCFU/E94ktvsTZUHF4Oq44DBylCDsS1k7/sfZC2G5EU7Oz0mhG8+Uz6MSEQHtoIi6mc8u64Rwi3Z3tscuWG2ShtsUFuNSAFNkY7LkLn+/hxLCu2bNISMaESa8dG22CIMuIeRLVcAmEWEWH5EEforTg+QIDAQAB\n-----END PUBLIC KEY-----

注释掉了 jwt keyValue 的属性。

/ui/src/main/resources/application.yml

security:
  user:
    password: none
  oauth2:
    client:
      accessTokenUri: http://localhost:9999/uaa/oauth/token
      userAuthorizationUri: http://localhost:9999/uaa/oauth/authorize
      clientId: acme
      clientSecret: acmesecret
    resource:
      userInfoUri: http://localhost:9999/uaa/user
#      jwt:
#        keyValue: |
#          -----BEGIN PUBLIC KEY-----
#          #MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGp/Q5lh0P8nPL21oMMrt2RrkT9AW5jgYwLfSUnJVc9G6uR3cXRRDCjHqWU5WYwivcF180A6CWp/ireQFFBNowgc5XaA0kPpzEtgsA5YsNX7iSnUibB004iBTfU9hZ2Rbsc8cWqynT0RyN4TP1RYVSeVKvMQk4GT1r7JCEC+TNu1ELmbNwMQyzKjsfBXyIOCFU/E94ktvsTZUHF4Oq44DBylCDsS1k7/sfZC2G5EU7Oz0mhG8+Uz6MSEQHtoIi6mc8u64Rwi3Z3tscuWG2ShtsUFuNSAFNkY7LkLn+/hxLCu2bNISMaESa8dG22CIMuIeRLVcAmEWEWH5EEforTg+QIDAQAB
#          -----END PUBLIC KEY-----
zuul:
  routes:
    resource:
      path: /resource/**
      url: http://localhost:9000/resource
    user:
      path: /user/**
      url: http://localhost:9999/uaa/user

logging:
  level:
    org.springframework.security: DEBUG

注释掉 jwt 属性并替换为:

userInfoUri: http://localhost:9999/uaa/user

/authserver/src/main/java/demo/AuthserverApplication.java

@SpringBootApplication
@Controller
@SessionAttributes("authorizationRequest")
@EnableResourceServer
public class AuthserverApplication extends WebMvcConfigurerAdapter {

    @RequestMapping("/user")
    @ResponseBody
    public Principal user(Principal user) {
        return user;
    }

    @Override
    public void addViewControllers(ViewControllerRegistry registry) {
        registry.addViewController("/login").setViewName("login");
        registry.addViewController("/oauth/confirm_access").setViewName("authorize");
    }

    public static void main(String[] args) {
        SpringApplication.run(AuthserverApplication.class, args);
    }

    @Configuration
    @Order(-20)
    protected static class LoginConfig extends WebSecurityConfigurerAdapter {

        @Autowired
        private AuthenticationManager authenticationManager;

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            // @formatter:off
            http
                .formLogin().loginPage("/login").permitAll()
            .and()
                .requestMatchers().antMatchers("/login", "/oauth/authorize", "/oauth/confirm_access")
            .and()
                .authorizeRequests().anyRequest().authenticated();
            // @formatter:on
        }

        @Override
        protected void configure(AuthenticationManagerBuilder auth) throws Exception {
            auth.parentAuthenticationManager(authenticationManager);
        }
    }

    @Configuration
    @EnableAuthorizationServer
    protected static class OAuth2AuthorizationConfig extends
            AuthorizationServerConfigurerAdapter {

        @Autowired
        private AuthenticationManager authenticationManager;

//        @Bean
//        public JwtAccessTokenConverter jwtAccessTokenConverter() {
//            JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
//            KeyPair keyPair = new KeyStoreKeyFactory(
//                    new ClassPathResource("keystore.jks"), "foobar".toCharArray())
//                    .getKeyPair("test");
//            converter.setKeyPair(keyPair);
//            return converter;
//        }

        @Override
        public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
            clients.inMemory()
                    .withClient("acme")
                    .secret("acmesecret")
                    .authorizedGrantTypes("authorization_code", "refresh_token",
                            "password").scopes("openid");
        }

        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints)
                throws Exception {
            endpoints.authenticationManager(authenticationManager);
//            .accessTokenConverter(jwtAccessTokenConverter());
        }

        @Override
        public void configure(AuthorizationServerSecurityConfigurer oauthServer)
                throws Exception {
            oauthServer.tokenKeyAccess("permitAll()").checkTokenAccess(
                    "isAuthenticated()");
        }

    }
}

注释掉 jwtAccessTokenConverter() 方法并将其从 configure(AuthorizationServerEndpointsConfigurer endpoints) 中删除。

当我尝试运行该应用程序时，它工作正常，直到我必须授权“acme”访问 protected 资源。当我单击“批准”时，我收到 401 和错误页面，显示“身份验证失败:无法获取访问 token ”。

这是由对 http://localhost:9999/uaa/oauth/authorize 的 POST 请求引起的失败然后重定向到 http://localhost:8080/login?error=access_denied&error_description=User%20denied%20access&state=lsb7Ik

以下是来自 API 网关和 OAuth2 服务器的以下日志。

API网关应用

2015-11-19 12:04:24.561 DEBUG 41956 --- [nio-8080-exec-6] o.s.security.web.FilterChainProxy        : /login?error=access_denied&error_description=User%20denied%20access&state=ksNKYy at position 1 of 13 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2015-11-19 12:04:24.561 DEBUG 41956 --- [nio-8080-exec-6] o.s.security.web.FilterChainProxy        : /login?error=access_denied&error_description=User%20denied%20access&state=ksNKYy at position 2 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2015-11-19 12:04:24.561 DEBUG 41956 --- [nio-8080-exec-6] w.c.HttpSessionSecurityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
2015-11-19 12:04:24.561 DEBUG 41956 --- [nio-8080-exec-6] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@6b29d520. A new one will be created.
2015-11-19 12:04:24.561 DEBUG 41956 --- [nio-8080-exec-6] o.s.security.web.FilterChainProxy        : /login?error=access_denied&error_description=User%20denied%20access&state=ksNKYy at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2015-11-19 12:04:24.561 DEBUG 41956 --- [nio-8080-exec-6] o.s.s.w.header.writers.HstsHeaderWriter  : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@24905eb7
2015-11-19 12:04:24.561 DEBUG 41956 --- [nio-8080-exec-6] o.s.security.web.FilterChainProxy        : /login?error=access_denied&error_description=User%20denied%20access&state=ksNKYy at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter'
2015-11-19 12:04:24.561 DEBUG 41956 --- [nio-8080-exec-6] o.s.security.web.FilterChainProxy        : /login?error=access_denied&error_description=User%20denied%20access&state=ksNKYy at position 5 of 13 in additional filter chain; firing Filter: 'CsrfHeaderFilter'
2015-11-19 12:04:24.562 DEBUG 41956 --- [nio-8080-exec-6] o.s.security.web.FilterChainProxy        : /login?error=access_denied&error_description=User%20denied%20access&state=ksNKYy at position 6 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
2015-11-19 12:04:24.562 DEBUG 41956 --- [nio-8080-exec-6] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/login'; against '/logout'
2015-11-19 12:04:24.562 DEBUG 41956 --- [nio-8080-exec-6] o.s.security.web.FilterChainProxy        : /login?error=access_denied&error_description=User%20denied%20access&state=ksNKYy at position 7 of 13 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
2015-11-19 12:04:24.562 DEBUG 41956 --- [nio-8080-exec-6] uth2ClientAuthenticationProcessingFilter : Request is to process authentication
2015-11-19 12:04:24.564 DEBUG 41956 --- [nio-8080-exec-6] g.c.AuthorizationCodeAccessTokenProvider : Encoding and sending form: {response_type=[code], client_id=[acme], scope=[null], state=[ksNKYy], redirect_uri=[http://localhost:8080/login]}
2015-11-19 12:04:24.571  WARN 41956 --- [nio-8080-exec-6] o.s.web.client.RestTemplate              : POST request for "http://localhost:9999/uaa/oauth/authorize" resulted in 403 (Forbidden); invoking error handler
2015-11-19 12:04:24.575 DEBUG 41956 --- [nio-8080-exec-6] uth2ClientAuthenticationProcessingFilter : Authentication request failed: org.springframework.security.authentication.BadCredentialsException: Could not obtain access token
2015-11-19 12:04:24.575 DEBUG 41956 --- [nio-8080-exec-6] uth2ClientAuthenticationProcessingFilter : Updated SecurityContextHolder to contain null Authentication
2015-11-19 12:04:24.575 DEBUG 41956 --- [nio-8080-exec-6] uth2ClientAuthenticationProcessingFilter : Delegating to authentication failure handler org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler@489090b4
2015-11-19 12:04:24.575 DEBUG 41956 --- [nio-8080-exec-6] .a.SimpleUrlAuthenticationFailureHandler : No failure URL set, sending 401 Unauthorized error
2015-11-19 12:04:24.575 DEBUG 41956 --- [nio-8080-exec-6] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2015-11-19 12:04:24.575 DEBUG 41956 --- [nio-8080-exec-6] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
2015-11-19 12:04:24.576 DEBUG 41956 --- [nio-8080-exec-6] o.s.b.a.e.mvc.EndpointHandlerMapping     : Looking up handler method for path /error
2015-11-19 12:04:24.577 DEBUG 41956 --- [nio-8080-exec-6] o.s.b.a.e.mvc.EndpointHandlerMapping     : Did not find handler method for [/error]

OAuth2 应用程序

2015-11-19 12:04:24.546 DEBUG 41954 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /oauth/authorize at position 1 of 12 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2015-11-19 12:04:24.546 DEBUG 41954 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /oauth/authorize at position 2 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2015-11-19 12:04:24.546 DEBUG 41954 --- [nio-9999-exec-2] w.c.HttpSessionSecurityContextRepository : Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl@fb75c5f1: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@fb75c5f1: Principal: org.springframework.security.core.userdetails.User@36ebcb: Username: user; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_ADMIN,ROLE_USER; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@21a2c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 010CF170666FD7398D2E42E4431924B1; Granted Authorities: ROLE_ADMIN, ROLE_USER'
2015-11-19 12:04:24.547 DEBUG 41954 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /oauth/authorize at position 3 of 12 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2015-11-19 12:04:24.547 DEBUG 41954 --- [nio-9999-exec-2] o.s.s.w.header.writers.HstsHeaderWriter  : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@335f832b
2015-11-19 12:04:24.547 DEBUG 41954 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /oauth/authorize at position 4 of 12 in additional filter chain; firing Filter: 'CsrfFilter'
2015-11-19 12:04:24.547 DEBUG 41954 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /oauth/authorize at position 5 of 12 in additional filter chain; firing Filter: 'LogoutFilter'
2015-11-19 12:04:24.547 DEBUG 41954 --- [nio-9999-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/oauth/authorize'; against '/logout'
2015-11-19 12:04:24.547 DEBUG 41954 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /oauth/authorize at position 6 of 12 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2015-11-19 12:04:24.547 DEBUG 41954 --- [nio-9999-exec-2] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/oauth/authorize'; against '/login'
2015-11-19 12:04:24.547 DEBUG 41954 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /oauth/authorize at position 7 of 12 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2015-11-19 12:04:24.547 DEBUG 41954 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /oauth/authorize at position 8 of 12 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2015-11-19 12:04:24.547 DEBUG 41954 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /oauth/authorize at position 9 of 12 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2015-11-19 12:04:24.547 DEBUG 41954 --- [nio-9999-exec-2] o.s.s.w.a.AnonymousAuthenticationFilter  : SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@fb75c5f1: Principal: org.springframework.security.core.userdetails.User@36ebcb: Username: user; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_ADMIN,ROLE_USER; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@21a2c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 010CF170666FD7398D2E42E4431924B1; Granted Authorities: ROLE_ADMIN, ROLE_USER'
2015-11-19 12:04:24.547 DEBUG 41954 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /oauth/authorize at position 10 of 12 in additional filter chain; firing Filter: 'SessionManagementFilter'
2015-11-19 12:04:24.547 DEBUG 41954 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /oauth/authorize at position 11 of 12 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2015-11-19 12:04:24.547 DEBUG 41954 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /oauth/authorize at position 12 of 12 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2015-11-19 12:04:24.547 DEBUG 41954 --- [nio-9999-exec-2] o.s.s.w.a.i.FilterSecurityInterceptor    : Secure object: FilterInvocation: URL: /oauth/authorize; Attributes: [authenticated]
2015-11-19 12:04:24.547 DEBUG 41954 --- [nio-9999-exec-2] o.s.s.w.a.i.FilterSecurityInterceptor    : Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@fb75c5f1: Principal: org.springframework.security.core.userdetails.User@36ebcb: Username: user; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_ADMIN,ROLE_USER; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@21a2c: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 010CF170666FD7398D2E42E4431924B1; Granted Authorities: ROLE_ADMIN, ROLE_USER
2015-11-19 12:04:24.548 DEBUG 41954 --- [nio-9999-exec-2] o.s.s.access.vote.AffirmativeBased       : Voter: org.springframework.security.web.access.expression.WebExpressionVoter@54fdd60d, returned: 1
2015-11-19 12:04:24.548 DEBUG 41954 --- [nio-9999-exec-2] o.s.s.w.a.i.FilterSecurityInterceptor    : Authorization successful
2015-11-19 12:04:24.548 DEBUG 41954 --- [nio-9999-exec-2] o.s.s.w.a.i.FilterSecurityInterceptor    : RunAsManager did not change Authentication object
2015-11-19 12:04:24.548 DEBUG 41954 --- [nio-9999-exec-2] o.s.security.web.FilterChainProxy        : /oauth/authorize reached end of additional filter chain; proceeding with original chain
2015-11-19 12:04:24.549 DEBUG 41954 --- [nio-9999-exec-2] .s.o.p.e.FrameworkEndpointHandlerMapping : Looking up handler method for path /oauth/authorize
2015-11-19 12:04:24.550 DEBUG 41954 --- [nio-9999-exec-2] .s.o.p.e.FrameworkEndpointHandlerMapping : Returning handler method [public org.springframework.web.servlet.View org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint.approveOrDeny(java.util.Map<java.lang.String, java.lang.String>,java.util.Map<java.lang.String, ?>,org.springframework.web.bind.support.SessionStatus,java.security.Principal)]
2015-11-19 12:04:24.552 DEBUG 41954 --- [nio-9999-exec-2] o.s.s.w.a.ExceptionTranslationFilter     : Chain processed normally
2015-11-19 12:04:24.553 DEBUG 41954 --- [nio-9999-exec-2] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
2015-11-19 12:04:24.567 DEBUG 41954 --- [nio-9999-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/oauth/authorize'; against '/css/**'
2015-11-19 12:04:24.567 DEBUG 41954 --- [nio-9999-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/oauth/authorize'; against '/js/**'
2015-11-19 12:04:24.568 DEBUG 41954 --- [nio-9999-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/oauth/authorize'; against '/images/**'
2015-11-19 12:04:24.568 DEBUG 41954 --- [nio-9999-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/oauth/authorize'; against '/**/favicon.ico'
2015-11-19 12:04:24.568 DEBUG 41954 --- [nio-9999-exec-4] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/oauth/authorize'; against '/error'
2015-11-19 12:04:24.568 DEBUG 41954 --- [nio-9999-exec-4] o.s.security.web.FilterChainProxy        : /oauth/authorize at position 1 of 12 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2015-11-19 12:04:24.568 DEBUG 41954 --- [nio-9999-exec-4] o.s.security.web.FilterChainProxy        : /oauth/authorize at position 2 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2015-11-19 12:04:24.568 DEBUG 41954 --- [nio-9999-exec-4] w.c.HttpSessionSecurityContextRepository : No HttpSession currently exists
2015-11-19 12:04:24.568 DEBUG 41954 --- [nio-9999-exec-4] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: null. A new one will be created.
2015-11-19 12:04:24.568 DEBUG 41954 --- [nio-9999-exec-4] o.s.security.web.FilterChainProxy        : /oauth/authorize at position 3 of 12 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2015-11-19 12:04:24.568 DEBUG 41954 --- [nio-9999-exec-4] o.s.s.w.header.writers.HstsHeaderWriter  : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@335f832b
2015-11-19 12:04:24.568 DEBUG 41954 --- [nio-9999-exec-4] o.s.security.web.FilterChainProxy        : /oauth/authorize at position 4 of 12 in additional filter chain; firing Filter: 'CsrfFilter'
2015-11-19 12:04:24.568 DEBUG 41954 --- [nio-9999-exec-4] o.s.security.web.csrf.CsrfFilter         : Invalid CSRF token found for http://localhost:9999/uaa/oauth/authorize
2015-11-19 12:04:24.568 DEBUG 41954 --- [nio-9999-exec-4] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2015-11-19 12:04:24.568 DEBUG 41954 --- [nio-9999-exec-4] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed

我怀疑它失败是因为 OAuth 服务器上的“http://localhost:9999/uaa/oauth/authorize 发现无效的 CSRF token ”，但在 http 安全性中禁用 csrf 保护后，相同的错误仍然存在。不确定为什么 CSRF 在从等式中删除 JWT 后会成为问题。

任何帮助将不胜感激。谢谢。

最佳答案

我遇到了类似的问题，那就是我没有将身份验证服务器的上下文路径设置为 /uaa 。我的建议是从“Spring Security 和 Angular JS”的相同副本开始，然后逐步迈向您的自定义解决方案。每个步骤之后，运行示例并查看一切是否仍然有效。这样您就可以轻松地找出导致问题的原因。

关于Spring Security OAuth2 在没有 JWT 的情况下无法工作，我们在Stack Overflow上找到一个类似的问题： https://stackoverflow.com/questions/33812805/

文章推荐： F# - 反向管道顺序

文章推荐： java - 在 JDeveloper 12c 中测试 Web 服务

文章推荐： java - 如何在 JTextArea 中打印循环的结果？

文章推荐： Docker-compose:将主机名设置为等于容器运行所在的主机名

OAuth:OAuth 实现用例
我有一个 webapp，它使用 php 服务器和数据库服务器执行大量 ajax 请求。我还创建了一个 iPhone 应用程序和一个 Android 应用程序，直到现在它们一直作为离线应用程序工作。现
oauth - OAuth 线程安全吗？
OAuth 的访问 token /刷新 token 流对我来说似乎非常不安全。帮助我更好地理解它。假设我正在与利用 OAuth 的 API 集成(如 this one )。我有我的访问 token
oauth - OAuth 和 OAuth 2.0 有什么区别？
这个问题在这里已经有了答案: 9年前关闭。 Possible Duplicate: How is oauth 2 different from oauth 1 我知道这两个不向后兼容。但是，既然已经实
oauth - 在开发和生产环境中使用 OAuth
我已经看到关于此的其他问题( here 、 here 和 here )，但我对任何解决方案都不满意，所以我再次询问。我正在启动一个 Web 应用程序，它将利用来自多个提供商(Google、Facebo
oauth - OAuth 授权码应何时到期？
我知道(在 OAuth 中使用授权代码“授权代码”时)，访问 token 的生命周期应该很短，但刷新 token 的生命周期可能很长。所以我决定为我的项目: 访问 token 生命周期:1 天刷新
oauth - OAuth 可以与手机应用程序一起使用吗？
在没有浏览器的情况下，我们可以在手机上的应用程序中使用 OAuth 吗？如果没有浏览器，用户是否仍然可以批准 token 请求(以便消费者可以继续从服务提供者那里获取 protected 资源)？
oauth - OAuth 2 与 OAuth 1 有何不同？
用非常简单的术语来说，有人可以解释一下 OAuth 2 和 OAuth 1 之间的区别吗？ OAuth 1 现在已经过时了吗？我们应该实现 OAuth 2 吗？我没有看到很多 OAuth 2 的实现；
oauth - 桥接表单例份验证和 OAUTH
修改表单例份验证登录过程并不难，因此除了正常的表单例份验证之外，WebClient 对象对由使用 Thinktecture IdentityModel 设置的 Web Api DAL 提供的 api/
oauth - OAuth 是否总是假定用户界面？
我想连接到 LinkedIn 并通过他们的 API 提取一些信息。 LinkedIn API 使用 OAuth 2.0。我读过的所有关于 OAuth 的文档(无论是在 LinkedIn 的上下文中还
oauth - OAuth 的接受程度如何？
OAuth 与其他身份验证标准的支持范围有多广？这可能是社区维基的东西，但我还是要问。我需要投资一些与服务器身份验证相关的东西，而且那里似乎有一些不错的东西。最佳答案 OAuth 主要用作授权机
oauth - 雅虎和微软是否支持 Oauth 2.0？以及关于 oAuth 2.0 的几个问题
我有几个问题... 雅虎和微软 api 是否支持 oAuth 2.0？如果是，那么主要是什么应该采取的安全措施转移时受到照顾 oAuth 1.0 到 oAuth 2.0。 Google API
oauth-2.0 - google oAuth - 从 google oAuth 登录后如何删除 cookie
我已经用谷歌 oAuth 开发了一个应用程序，这工作正常。我可以登录并访问我的网站。我的问题是，当我从我的应用程序中注销(注销)时，我删除了所有 session ，但未删除经过身份验证的 cook
oauth - 我认为 OAuth 1.0 已经被 OAuth 2.0 弃用是对的吗？
我在 Internet 上寻找一些关于此的信息，最后在 RFC 上找到了 Oauth 1.0 协议(protocol):https://www.rfc-editor.org/rfc/rfc5849 您
oauth - 带有内部返回 URL 的 Google OpenID+Oauth 混合模式登录 - OAuth 不起作用
我正在尝试制作 Google OpenID/OAuth hybrid签到工作。问题是它是一个可安装的网络(所以没有固定域)，我也试图让它在我的开发机器上工作 - 所以返回 URL 类似于 http:/
oauth - DotNetOpenAuth 2、OAuth.net 和 Microsoft.OWIN.Security.oAuth
我想构建一个独立与任何身份提供者(如 ADFS、OpenAM、oracle 身份)一起工作的应用程序。我的目的是验证来自任何一个 IDP 的登录用户，这些 IDP 配置为实现我的 SSO。我不确定
spring -/oauth/authorize 和/oauth/token 在 Spring OAuth 中如何交互？
我正在深入研究 Spring OAuth，发现一些相互矛盾的信息。具体来说，this tutorial声明 /oauth/token 端点在将刷新 token 授予客户端应用程序之前处理用户名和密码
oauth - 来自命令行的三足 OAuth token
如何通过自定义命令行工具支持三足式 OAuth 工作流？我想允许我的 CLI 工具的用户上网、登录并在本地缓存 token ，类似于 heroku login。正在做。最佳答案你必须扔掉同意屏幕
oauth - 什么是 oauth 域
什么是 oauth 域？是否有任何免费的 oauth 服务？我可以将它用于 StackApps registration 吗？？我在谷歌上搜索了很多，但找不到答案。最佳答案这是redirect_
oauth - Yahoo OAuth 实现无法离线工作
我需要将我的 Delicious 书签下载到非 Web 应用程序，而无需持续的用户交互。我正在使用 Delicious 的 V2 API(使用 oAuth)，但问题是他们的访问 token 似乎在一小
oauth - nginx 负载均衡器和 OAuth
我正在尝试为两台服务器设置一个 nginx 负载均衡器/代理，并在两台服务器上运行 OAuth 身份验证的应用程序。当 nginx 在端口 80 上运行时，一切都运行良好，但是当我将它放在任何其他端

行者123

个人简介

我是一名优秀的程序员,十分优秀！

作者热门文章

滴滴打车优惠券免费领取

全站热门文章

首页

博学

6Ren·AI

商城

Spring Security OAuth2 在没有 JWT 的情况下无法工作