当oauth2 client_id无效时,我有其余的api会在响应中创建此错误。
{"timestamp":"2016-10-06T05:26:31.367+0000","status":500,"error":"Internal Server Error","exception":"org.springframework.security.oauth2.provider.NoSuchClientException","message":"No client with requested id: backoffice","path":"/oauth/authorize"}
我在日志中的服务器端:
Looking up handler method for path /oauth/authorize
Did not find handler method for [/oauth/authorize]
Handling ClientRegistrationException error: No client with requested id: backoffice
Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Could not resolve view with name 'forward:/oauth/error' in servlet with name 'dispatcherServlet'] with root cause
javax.servlet.ServletException: Could not resolve view with name 'forward:/oauth/error' in servlet with name 'dispatcherServlet'
at org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1237)
...
at java.lang.Thread.run(Thread.java:745)
我已按照此article中的说明尝试按照@ControllerAdvice进行推荐,但代码永远不会通过断点:
@ControllerAdvice
public class GlobalExceptionHandler {
private static final Logger logger = LoggerFactory.getLogger(GlobalExceptionHandler.class);
@ExceptionHandler(NoSuchClientException.class)
public String handleNoSuchClientException(HttpServletRequest request, Exception ex){
logger.info("NoSuchClientException Occured:: URL="+request.getRequestURL());
return "no_such_client_error";
}
}
答案 0 :(得分:0)
您需要为每个@ResponseBody方法添加注释ControllerAdvice。
答案 1 :(得分:-2)
以下链接中的配置端点网址和自定义错误处理部分 - http://projects.spring.io/spring-security-oauth/docs/oauth2.html可能是一个很好的起点。
我个人建议使用 WebResponseExceptionTranslator ,以便您可以以不同方式处理不同的异常。您可以在此处找到在配置中包含此内容的方法 - How to inject WebResponseExceptionTranslator in TokenEndPoint Spring oAuth2
更简单的方法是配置" / oauth / error"端点作为项目中的控制器方法,它对oauth流中的错误进行了标准响应。但这会剥夺你根据不同的例外改变回应的自由。