Spring Boot UserRedirectRequiredException-需要重定向才能获得用户批准

时间:2018-04-28 05:15:51

标签: mysql spring-boot oauth-2.0

我正在学习OAUTH2实现

当我点击我的客户端http://localhost:8082/ui时 - 用户界面的REST端点,在登录到身份验证服务器http://localhost:8082/secure后会转到安全URI http://localhost:8081/auth/login。 但它在http://localhost:8082/ui/login处失败,并将错误视为

org.springframework.security.oauth2.client.resource.UserRedirectRequiredException:需要重定向才能获得用户批准

我的客户端配置是

OauthConfig.java 

@EnableOAuth2Sso
@Configuration
public class OauthConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // TODO Auto-generated method stub
        http.antMatcher("/**").
        authorizeRequests().antMatchers("/","/login**").permitAll().anyRequest().authenticated();
         /*http    
         .authorizeRequests().anyRequest().authenticated();*/
    }
}

和webconfig.java 

@SuppressWarnings("deprecation")
@EnableWebMvc
@Configuration
public class WebConfig extends WebMvcConfigurerAdapter {

    @Override
    public void configureDefaultServletHandling(DefaultServletHandlerConfigurer configurer) {
        // TODO Auto-generated method stub
         configurer.enable();
    }

    @Override
    public void addViewControllers(ViewControllerRegistry registry) {
        // TODO Auto-generated method stub
        super.addViewControllers(registry);
        registry.addViewController("/").setViewName("forward:/index");
        registry.addViewController("/index");
        registry.addViewController("/secure");
    }

    @Override
    public void addResourceHandlers(ResourceHandlerRegistry registry) {
        // TODO Auto-generated method stub
        registry.addResourceHandler("/resources/**").addResourceLocations("/resources/");
    }

    @Bean
    public  static PropertySourcesPlaceholderConfigurer placeHolderConfigurer()
    {
        return new PropertySourcesPlaceholderConfigurer();
    }

    @Bean
    public RequestContextListener contextlist() 
    {
        return new RequestContextListener();
    }

    @Bean
    public static PropertySourcesPlaceholderConfigurer placeholderConfigurer() {
        return new PropertySourcesPlaceholderConfigurer();
    }

}

我的application.yml是

 server:
  port: 8082
  servlet:
    context-path: /ui
  session: 
    cookieName: UISESSION





 spring: 
  thymeleaf:
    cache: false
  oauth2:
    client:

      client-id: ClientId
      clientSecret: secret
      accessTokenUri: http://localhost:8081/auth/oauth/token
      userAuthorizationUri: http://localhost:8081/auth/oauth/authorize


    clientAuthenticationScheme: form



    resource: 
      userInfoUri: http://localhost:8081/auth/rest/hello/principal
      preferTokenInfo: false

我需要为此编写自定义oauth2ClientContextFilter吗?我已经将spring-security-oauth2添加到pom.xml中。任何帮助都会非常感激。

2 个答案:

答案 0 :(得分:0)

我也有类似的经历,并且通过将@EnableOAuth2Sso换成@EnableOAuth2Client来解决了这个问题。

似乎@EnableOAuth2Sso注释向springSecurityFilterChain添加了一个附加的安全链过滤器OAuth2ClientAuthenticationProcessingFilter,这引发了UserRedirectRequiredException

答案 1 :(得分:0)

更新SecurityContextHolder

SecurityContextHolder.setStrategyName(SecurityContextHolder.MODE_INHERITABLETHREADLOCAL);

相关问题
最新问题