I am trying to use Slack to authenticate my web application. I am new to Spring Security. I am unable to redirect my application URL to the Slack authentication page and get an exception:

    java.lang.IllegalStateException: Access token provider returned a null access token, which is illegal according to the contract.
        at org.springframework.security.oauth2.client.OAuth2RestTemplate.acquireAccessToken(OAuth2RestTemplate.java:223)
        at org.springframework.security.oauth2.client.OAuth2RestTemplate.getAccessToken(OAuth2RestTemplate.java:173)
        at org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter.attemptAuthentication(OAuth2ClientAuthenticationProcessingFilter.java:105)
        at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
        at org.springframework.security.oauth2.client.filter.OAuth2ClientContextFilter.doFilter(OAuth2ClientContextFilter.java:60)

Here is my Spring code:

    @Configuration
    @EnableOAuth2Client
    @EnableWebSecurity
    @PropertySource("classpath:slack-oauth2.properties")
    class OAuth2SecurityConfiguration extends WebSecurityConfigurerAdapter {

        @Value("${oauth2.clientID}")
        private String clientId;

        @Value("${oauth2.clientSecret}")
        private String clientSecret;

        @Value("${oauth2.userAuthorizationUri}")
        private String userAuthorizationUri;

        @Value("${oauth2.accessTokenUri}")
        private String accessTokenUri;

        @Value("${oauth2.tokenName}")
        private String tokenName;

        @Value("${oauth2.scope}")
        private String scope;

        @Value("${oauth2.userInfoUri}")
        private String userInfoUri;

        @Value("${oauth2.filterCallbackPath}")
        private String oauth2FilterCallbackPath;

        @Autowired
        private OAuth2ClientContext oauth2ClientContext;

        @Autowired
        OAuth2ClientContextFilter oauth2ClientContextFilter;

        @Bean
        public OAuth2ProtectedResourceDetails authorizationCodeResource() {
            ClientCredentialsResourceDetails details = new ClientCredentialsResourceDetails();
            details.setClientId(clientId);
            details.setClientSecret(clientSecret);
            details.setAccessTokenUri(accessTokenUri);
            details.setTokenName(tokenName);
            details.setScope(Arrays.asList(scope));
            details.setAuthenticationScheme(AuthenticationScheme.query);
            details.setClientAuthenticationScheme(AuthenticationScheme.form);
            return details;
        }

        @Bean
        public OAuth2ClientAuthenticationProcessingFilter oauth2ClientAuthenticationProcessingFilter() {
            // Used to obtain access token from authorization server (AS)
            OAuth2RestOperations restTemplate = new OAuth2RestTemplate(authorizationCodeResource(), oauth2ClientContext);
            OAuth2ClientAuthenticationProcessingFilter filter = new OAuth2ClientAuthenticationProcessingFilter(
                    "/oauth2");
            filter.setRestTemplate(restTemplate);

            // Set a service that validates an OAuth2 access token
            RemoteTokenServices remoteTokenServices = new RemoteTokenServices();
            remoteTokenServices.setClientId(clientId);
            remoteTokenServices.setClientSecret(clientSecret);
            remoteTokenServices.setRestTemplate(restTemplate);

            JwtAccessTokenConverter accessTokenConverter = new JwtAccessTokenConverter();
            try {
                accessTokenConverter.afterPropertiesSet();
            } catch (Exception e) {
                e.printStackTrace();
            }
            remoteTokenServices.setAccessTokenConverter(accessTokenConverter);
            filter.setTokenServices(remoteTokenServices);
            return filter;
        }

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.exceptionHandling().and().httpBasic().authenticationEntryPoint(clientAuthenticationEntryPoint()).and()
                    .logout().and().authorizeRequests().antMatchers("/**").fullyAuthenticated().and()
                    .addFilterAfter(oauth2ClientContextFilter, ExceptionTranslationFilter.class)
                    .addFilterBefore(oauth2ClientAuthenticationProcessingFilter(), FilterSecurityInterceptor.class);
        }

        @Override
        public void configure(WebSecurity web) throws Exception {
            web.ignoring().antMatchers("/", "/static/**", "/webjars/**");
        }

        @Bean
        public LoginUrlAuthenticationEntryPoint clientAuthenticationEntryPoint() {
            return new LoginUrlAuthenticationEntryPoint("/oauth2");
        }
    }

Slack properties:

    oauth2.accessTokenUri = https://slack.com/api/oauth.access
    oauth2.userAuthorizationUri = https://slack.com/oauth/authorize
    oauth2.clientID = *******
    oauth2.clientSecret = *******
    oauth2.tokenName = dummy
    oauth2.scope = identity.basic
    oauth2.userInfoUri = https://slack.com/api/users.info

Where am I going wrong?