当我尝试使用授权代码访问自己的OAuth2安全REST API时,我无法重定向到API并收到此错误:
org.springframework.security.oauth2.client.resource.UserRedirectRequiredException: A redirect is required to get the users approval
at org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider.getRedirectForAuthorization(AuthorizationCodeAccessTokenProvider.java:359)
at org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider.obtainAccessToken(AuthorizationCodeAccessTokenProvider.java:205)
at org.springframework.security.oauth2.client.token.AccessTokenProviderChain.obtainNewAccessTokenInternal(AccessTokenProviderChain.java:142)
at org.springframework.security.oauth2.client.token.AccessTokenProviderChain.obtainAccessToken(AccessTokenProviderChain.java:118)
at org.springframework.security.oauth2.client.OAuth2RestTemplate.acquireAccessToken(OAuth2RestTemplate.java:221)
at org.springframework.security.oauth2.client.OAuth2RestTemplate.getAccessToken(OAuth2RestTemplate.java:173)
at org.springframework.security.oauth2.client.OAuth2RestTemplate.createRequest(OAuth2RestTemplate.java:105)
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:592)
at org.springframework.security.oauth2.client.OAuth2RestTemplate.doExecute(OAuth2RestTemplate.java:128)
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:557)
at org.springframework.web.client.RestTemplate.getForEntity(RestTemplate.java:289)
at hello.CustomerServiceImpl.getCustomer(CustomerServiceImpl.java:63)
at WICKET_hello.CustomerServiceImpl$$FastClassByCGLIB$$f879347b.invoke(<generated>)
at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:149)
at org.apache.wicket.proxy.LazyInitProxyFactory$CGLibInterceptor.intercept(LazyInitProxyFactory.java:317)
at WICKET_hello.CustomerServiceImpl$$EnhancerByCGLIB$$1fb40ae.getCustomer(<generated>)
at hello.CustomerPage.<init>(CustomerPage.java:16)
我的Spring服务看起来像这样:
@Service
@ EnableOAuth2Client 公共类CustomerServiceImpl实现CustomerService {
@Value("http://localhost:3010")
private String baseUrl;
@Value("http://localhost:3010/oauth/authorize")
private String authorizeUrl;
@Value("http://localhost:3010/oauth/token")
private String tokenUrl;
@Value("client")
private String clientId;
@Value("secret")
private String clientSecret;
@Autowired
@Qualifier("restTemplate")
private OAuth2RestOperations restTemplate;
@Bean
private OAuth2RestOperations restTemplate() {
AccessTokenRequest atr = new DefaultAccessTokenRequest();
return new OAuth2RestTemplate(resource(), new DefaultOAuth2ClientContext(atr));
}
private OAuth2ProtectedResourceDetails resource() {
AuthorizationCodeResourceDetails resource = new AuthorizationCodeResourceDetails();
resource.setAccessTokenUri(tokenUrl);
resource.setUserAuthorizationUri(authorizeUrl);
resource.setClientId(clientId);
resource.setClientSecret(clientSecret);
return resource;
}
@Override
public Customer getCustomer() {
String requestUrl = baseUrl + "/api/customer";
ResponseEntity<Customer> entity = restTemplate.getForEntity(requestUrl, Customer.class);
return entity.getBody();
}
}