我正在使用oauth2和spring security并使用zuul代理。我在客户端网络应用程序中有一个登录按钮。当用户单击它时,请求应重定向到身份验证服务器以进行身份验证。但是它没有将请求重定向到认证服务器。我正在分享我的代码,请提供一些解决方案。
1。客户端Web应用程序代码
@SpringBootApplication
@EnableZuulProxy
@EnableOAuth2Sso
public class OauthUiApplication {
public static void main(String[] args) {
SpringApplication.run(OauthUiApplication.class, args);
}
@Configuration
protected static class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
public void configure(HttpSecurity http) throws Exception {
http.logout().and().antMatcher("/**").authorizeRequests()
.antMatchers("/index.html", "/home.html", "/", "/login").permitAll()
.anyRequest().authenticated().and().csrf()
.csrfTokenRepository(csrfTokenRepository()).and()
.addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
}
private Filter csrfHeaderFilter() {
return new OncePerRequestFilter() {
@Override
protected void doFilterInternal(HttpServletRequest request,
HttpServletResponse response, FilterChain filterChain)
throws ServletException, IOException {
CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class
.getName());
if (csrf != null) {
Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
String token = csrf.getToken();
if (cookie == null || token != null
&& !token.equals(cookie.getValue())) {
cookie = new Cookie("XSRF-TOKEN", token);
cookie.setPath("/");
response.addCookie(cookie);
}
}
filterChain.doFilter(request, response);
}
};
}
private CsrfTokenRepository csrfTokenRepository() {
HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
repository.setHeaderName("X-Csrf-Token");
return repository;
}
}
@Bean
public SimpleFilter simpleFilter() {
return new SimpleFilter();
}
}
2。 application.yml文件
debug:
zuul:
routes:
resource:
path: /resource/** # we are proxying to resource server 'resource'
url: http://localhost:9000/resource # All the requests that starts with /resource/ will be routed to this URL
user:
path: /user/** # proxying to user end point on the authorization server
url: http://localhost:9999/uaa/user # All the requests that starts with /user/ will be routed to this URL
security:
user:
password: none
oauth2:
sso:
login-path: /login
client:
accessTokenUri: http://localhost:9999/uaa/oauth/token # token endpoint
userAuthorizationUri: http://localhost:9999/uaa/oauth/authorize # authrization end point
clientId: acme # client id
clientSecret: acmesecret # client secret id
resource:
jwt:
keyValue: |
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnBn+WU3i6KarB6gYlg40ckBiWmtVEpYkggvHxow74T19oDyO2VRqyY9oaJ/cvnlsZgTOYAUjTECjL8Ww7F7NJZpxMPFviqbx/ZeIEoOvd7DOqK3P5RBtLsV5A8tjtfqYw/Th4YEmzY/XkxjHH+KMyhmkPO+/tp3eGmcMDJgH+LwA6yhDgCI4ztLqJYY73gX0pEDTPwVmo6g1+MW8x6Ctry3AWBZyULGt+I82xv+snqEriF4uzO6CP2ixPCnMfF1k4dqnRZ/V98hnSLclfMkchEnfKYg1CWgD+oCJo+kBuCiMqmeQBFFw908OyFKxL7Yw0KEkkySxpa4Ndu978yxEwIDAQAB
-----END PUBLIC KEY-----
logging:
level:
org.springframework.security: DEBUG
3.