0
我想做一個簡單的春季啓動+ oauth2應用程序,我面臨的問題,/ oauth /授權沒有被匹配到oauth2服務器端點。端點甚至沒有可用的API/oauth/authorize沒有映射到端點,不工作 - 春季啓動Oauth2
列表中列出我的代碼:
package com.example;
import java.security.Principal;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
@SpringBootApplication
@RestController
@EnableResourceServer
public class DemoApplication extends WebMvcConfigurerAdapter{
\t public static void main(String[] args) {
\t \t SpringApplication.run(DemoApplication.class, args);
\t }
\t
\t @Configuration
\t @EnableAuthorizationServer
\t protected static class OAuth2Config extends AuthorizationServerConfigurerAdapter {
\t \t @Autowired
\t \t private AuthenticationManager authenticationManager;
\t \t @Override
\t \t public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
\t \t \t endpoints.authenticationManager(authenticationManager);
\t \t }
\t \t @Override
\t \t public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
\t \t \t clients.inMemory().withClient("foo").secret("foosecret")
\t \t \t \t \t .authorizedGrantTypes("authorization_code", "refresh_token", "password").scopes("openid");
\t \t }
\t }
\t @RequestMapping("/user")
\t public Principal user(Principal user) {
\t \t return user;
\t }
}和應用程序性能:
server.port=9000
security.user.name=bar
security.user.password=barsecret
#server.contextPath=/
#security.oauth2.client.clientId=foo
#security.oauth2.client.clientSecret=foosecret
#security.oauth2.client.authorized-grant-types=authorization_code,refresh_token,password
#security.oauth2.client.scope=picture
logging.level.org.springframework.web=debug
logging.level.org.springframework.security=trace
logging.level.org.springframework.web-security=trace
當我嘗試這個請求:
see image here for the Oauth code request 日誌得到印刷並沒有匹配到映射到/的OAuth /授權
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/css/**']
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/authorize'; against '/css/**'
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/js/**']
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/authorize'; against '/js/**'
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/images/**']
....
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/authorize'; against '/**/favicon.ico'
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/error']
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/authorize'; against '/error'
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : No matches found
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/oauth/token']
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/authorize'; against '/oauth/token'
2017-01-03 00:00:10.309 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/oauth/token_key']
2017-01-03 00:00:10.310 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/authorize'; against '/oauth/token_key'
2017-01-03 00:00:10.310 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/oauth/check_token']
2017-01-03 00:00:10.310 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/authorize'; against '/oauth/check_token'
2017-01-03 00:00:10.310 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : No matches found
2017-01-03 00:00:10.313 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/pause']
...
2017-01-03 00:00:10.316 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/resume/']
2017-01-03 00:00:10.316 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/authorize'; against '/resume/'
2017-01-03 00:00:10.316 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/metrics']
...
2017-01-03 00:00:10.318 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/authorize'; against '/configprops/'
2017-01-03 00:00:10.318 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : No matches found
2017-01-03 00:00:10.318 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/**']
2017-01-03 00:00:10.318 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Request '/oauth/authorize' matched by universal pattern '/**'
2017-01-03 00:00:10.318 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : matched
2017-01-03 00:00:10.319 DEBUG 10988 --- [nio-9000-exec-1] o.s.security.web.FilterChainProxy : /oauth/authorize?response_type=code&client_id=foo&redirect_uri=http://www.google.com at position 1 of 11 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2017-01-03 00:00:10.320 DEBUG 10988 --- [nio-9000-exec-1] o.s.security.web.FilterChainProxy : /oauth/authorize?response_type=code&client_id=foo&redirect_uri=http://www.google.com at position 2 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2017-01-03 00:00:10.320 DEBUG 10988 --- [nio-9000-exec-1] o.s.security.web.FilterChainProxy : /oauth/authorize?response_type=code&client_id=foo&redirect_uri=http://www.google.com at position 3 of 11 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.se[email protected]33b1c010
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.security.web.FilterChainProxy : /oauth/authorize?response_type=code&client_id=foo&redirect_uri=http://www.google.com at position 4 of 11 in additional filter chain; firing Filter: 'LogoutFilter'
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', GET]
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/oauth/authorize'; against '/logout'
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', POST]
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /oauth/authorize' doesn't match 'POST /logout
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', PUT]
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /oauth/authorize' doesn't match 'PUT /logout
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', DELETE]
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /oauth/authorize' doesn't match 'DELETE /logout
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.web.util.matcher.OrRequestMatcher : No matches found
2017-01-03 00:00:10.321 DEBUG 10988 --- [nio-9000-exec-1] o.s.security.web.FilterChainProxy : /oauth/authorize?response_type=code&client_id=foo&redirect_uri=http://www.google.com at position 5 of 11 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
2017-01-03 00:00:10.323 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.a.www.BasicAuthenticationFilter : Basic Authentication Authorization header found for user 'foo'
2017-01-03 00:00:10.325 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.authentication.ProviderManager : Authentication attempt using org.springframework.security.authentication.dao.DaoAuthenticationProvider
2017-01-03 00:00:10.327 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.a.dao.DaoAuthenticationProvider : User 'foo' not found
2017-01-03 00:00:10.330 DEBUG 10988 --- [nio-9000-exec-1] o.s.s.w.a.www.BasicAuthenticationFilter : Authentication request for failed: org.springframework.security.authentication.BadCredentialsException: Bad credentials
2017-01-03 00:00:10.330 DEBUG 10988 --- [nio-9000-exec-1] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
2017-01-03 00:00:10.340 DEBUG 10988 --- [nio-9000-exec-1] o.s.web.servlet.DispatcherServlet : DispatcherServlet with name 'dispatcherServlet' processing GET request for [/error]
2017-01-03 00:00:10.351 DEBUG 10988 --- [nio-9000-exec-1] s.w.s.m.m.a.RequestMappingHandlerMapping : Looking up handler method for path /error
2017-01-03 00:00:10.354 DEBUG 10988 --- [nio-9000-exec-1] s.w.s.m.m.a.RequestMappingHandlerMapping : Returning handler method [public org.springframework.http.ResponseEntity<java.util.Map<java.lang.String, java.lang.Object>> org.springframework.boot.autoconfigure.web.BasicErrorController.error(javax.servlet.http.HttpServletRequest)]
2017-01-03 00:00:10.355 DEBUG 10988 --- [nio-9000-exec-1] o.s.web.servlet.DispatcherServlet : Last-Modified value for [/error] is: -1
2017-01-03 00:00:10.422 DEBUG 10988 --- [nio-9000-exec-1] o.s.w.s.m.m.a.HttpEntityMethodProcessor : Written [{timestamp=Tue Jan 03 00:00:10 IST 2017, status=401, error=Unauthorized, message=Bad credentials, path=/oauth/authorize}] as "application/json" using [org.springfr[email protected]761956ac]
2017-01-03 00:00:10.422 DEBUG 10988 --- [nio-9000-exec-1] o.s.web.servlet.DispatcherServlet : Null ModelAndView returned to DispatcherServlet with name 'dispatcherServlet': assuming HandlerAdapter completed request handling
2017-01-03 00:00:10.422 DEBUG 10988 --- [nio-9000-exec-1] o.s.web.servlet.DispatcherServlet : Successfully completed request項目源ZIP:https://filehost.net/4aa76878c969c76c