我正在尝试设置一个Spring OAuth2客户端,该客户端对我自己的提供者和资源服务器进行身份验证。在我的案例中,提供者和资源服务器是一个应用程序。
我在使用Spring 3.2设置OAuth客户端时遇到问题。当我在Controller中调用OAuth2RestTemplate时(通过获取网页),我收到此错误:
java.lang.IllegalStateException:未建立重定向URI 对于当前的请求。在 org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider.getRedirectForAuthorization(AuthorizationCodeAccessTokenProvider.java:283) 在 org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider.obtainAccessToken(AuthorizationCodeAccessTokenProvider.java:159) 在 org.springframework.security.oauth2.client.token.AccessTokenProviderChain.obtainNewAccessTokenInternal(AccessTokenProviderChain.java:142) 在 org.springframework.security.oauth2.client.token.AccessTokenProviderChain.obtainAccessToken(AccessTokenProviderChain.java:118) 在 org.springframework.security.oauth2.client.OAuth2RestTemplate.acquireAccessToken(OAuth2RestTemplate.java:216) ...
据我所知,重定向是从当前请求uri自动设置的。无论如何,我尝试设置 oauth:resource 属性 pre-established-redirect-uri =“http:// localhost:8080 / myresourcesercer /”。然后我收到了这个错误:
org.springframework.security.oauth2.client.resource.UserRedirectRequiredException: 需要重定向才能获得用户批准 ...
如何正确设置重定向uri或我缺少什么?
谢谢!
这是我的配置:
Web.xml中
<web-app id="WebApp_ID" version="2.4"
xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<servlet>
<servlet-name>spring</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/mvc-dispatcher-servlet.xml,
/WEB-INF/spring-security.xml
</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>spring</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
</web-app>
弹簧security.xml文件
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.2.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd
http://www.springframework.org/schema/security/oauth2
http://www.springframework.org/schema/security/spring-security-oauth2-1.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<oauth:client id="my-client" />
<oauth:resource id="security" type="authorization_code" client-id="my-client" client-secret="secret" access-token-uri="http://localhost:8080/provider/oauth/token"
scope="read,write" user-authorization-uri="http://localhost:8080/provider/oauth/authorize" authentication-scheme="query"/>
<bean id="fooService" class="com.mypackage.serviceImpl.FooServiceImpl">
<property name="secureRestTemplate">
<oauth:rest-template resource="security" />
</property>
</bean>
</beans>
MVC-调度-servlet.xml中
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.2.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util-3.2.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd
http://www.springframework.org/schema/security/oauth2
http://www.springframework.org/schema/security/spring-security-oauth2-1.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<mvc:default-servlet-handler />
<mvc:annotation-driven>
<mvc:message-converters register-defaults="true">
...
</mvc:message-converters>
</mvc:annotation-driven>
<context:component-scan base-package="com.mypackage.controller" />
<context:component-scan base-package="com.mypackage.serviceImpl" />
<mvc:resources mapping="/css/**" location="/css/"/>
<bean id="viewResolver"
class=" org.springframework.web.servlet.view.InternalResourceViewResolver" >
<property name="prefix">
<value>/WEB-INF/views/</value>
</property>
<property name="suffix">
<value>.jsp</value>
</property>
</bean>
…
</beans>
答案 0 :(得分:0)
OAuth2ClientContextFilter会为您设置重定向URI。您可以手动配置它,也可以让Spring Security自动为您设置它。
如果您希望Spring Security进行设置,则需要更改web.xml
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
你需要一个<http/> block
答案 1 :(得分:-1)
这行代码导致照片问题(型号模型)
ObjectNode result = facebookRestTemplate
.getForObject("https://graph.facebook.com/me/friends", ObjectNode.class);
在登录成功后,我将其重定向到Facebook页面,并使用这样的URL返回,但之后似乎没有工作......
我认为出现问题会出错。