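I'm having some difficulty setting up multiple OAuth2RestTemplates in Spring Boot using the spring-security-oauth2-autoconfigure package.
Basically, what I want to achieve is that users can log in to my website using SSO (I'm using @EnableOAuth2Sso). The same SSO session is then used to receive user-specific data (e.g. username, profile picture). In addition, an admin can go to the admin panel and register a backend account, which also uses oauth2 authentication to receive the remaining data that can only be accessed by internal services. For example, I want to fetch the remote server's time, version and my ingame bank account (this is for the game Eve Online, which is a really nice game btw :D).
These are my two resource configurations: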
# These are the user login / user data details
security.oauth2.client.client-id=xxx
security.oauth2.client.client-secret=xxx
security.oauth2.client.user-authorization-uri=https://login.eveonline.com/oauth/authorize
security.oauth2.client.access-token-uri=https://login.eveonline.com/oauth/token
security.oauth2.client.pre-established-redirect-uri=http://localhost:8081/login
security.oauth2.resource.user-info-uri=https://esi.tech.ccp.is/verify/
security.oauth2.client.use-current-uri=false
security.oauth2.client.scope=esi-wallet.read_character_wallet.v1 esi-markets.read_character_orders.v1
# And these are the backend details
security.oauth2.client.client-id=xxx
security.oauth2.client.client-secret=xxx
security.oauth2.client.user-authorization-uri=https://login.eveonline.com/oauth/authorize
security.oauth2.client.access-token-uri=https://login.eveonline.com/oauth/token
security.oauth2.client.pre-established-redirect-uri=http://localhost:8081/backend/setServiceAccount
security.oauth2.resource.user-info-uri=https://esi.tech.ccp.is/verify/
security.oauth2.client.use-current-uri=false
security.oauth2.client.scope=esi-markets.structure_markets.v1 esi-ui.write_waypoint.v1
In my SecurityConfiguration I have configured these two templates:
import java.util.Arrays;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.security.oauth2.client.OAuth2ClientContext;
import org.springframework.security.oauth2.client.OAuth2RestTemplate;
import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails;

// The user details
@Bean
public AuthorizationCodeResourceDetails eveUserAuth() {
    AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails();
    details.setId("eveUserApp");
    details.setClientId(clientID);
    details.setClientSecret(clientSecret);
    details.setAccessTokenUri(tokenURL);
    details.setUserAuthorizationUri(userAuth);
    details.setScope(Arrays.asList(scopes));
    details.setPreEstablishedRedirectUri(redirectUri);
    details.setUseCurrentUri(false);
    return details;
}

// Note: this is the user template that is used to receive user-specific data
@Bean
public OAuth2RestTemplate eveUserRestTemplate(OAuth2ClientContext clientContext) {
    OAuth2RestTemplate template = new OAuth2RestTemplate(eveUserAuth(), clientContext);
    return template;
}

// The backend details
@Bean
public AuthorizationCodeResourceDetails eveBackendAuth() {
    AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails();
    details.setId("eveBackendApp");
    details.setClientId(backendClientID);
    details.setClientSecret(backendclientSecret);
    details.setAccessTokenUri(backendTokenURL);
    details.setUserAuthorizationUri(backendUserAuth);
    details.setScope(Arrays.asList(backendScopes));
    details.setPreEstablishedRedirectUri(backendRedirectUri);
    details.setUseCurrentUri(false);
    return details;
}

// Note: this is the backend template that doesn't use the clientContext bean
@Bean
@Qualifier("eveBackendTemplate")
public OAuth2RestTemplate eveBackendTemplate() {
    OAuth2RestTemplate template = new OAuth2RestTemplate(eveBackendAuth());
    return template;
}
If either of these templates does not use the clientContext bean (in this case the backendTemplate), the following exception is thrown:
java.lang.IllegalArgumentException: [/account/logon?ReturnUrl=%2Foauth%2Fauthorize] is not a valid HTTP URL
at org.springframework.web.util.UriComponentsBuilder.fromHttpUrl(UriComponentsBuilder.java:278) ~[spring-web-5.0.7.RELEASE.jar:5.0.7.RELEASE]
at org.springframework.security.oauth2.client.filter.OAuth2ClientContextFilter.redirectUser(OAuth2ClientContextFilter.java:99) ~[spring-security-oauth2-2.3.3.RELEASE.jar:na]
at org.springframework.security.oauth2.client.filter.OAuth2ClientContextFilter.doFilter(OAuth2ClientContextFilter.java:70) ~[spring-security-oauth2-2.3.3.RELEASE.jar:na]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-8.5.31.jar:8.5.31]
at org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:109) ~[spring-web-5.0.7.RELEASE.jar:5.0.7.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-5.0.7.RELEASE.jar:5.0.7.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-8.5.31.jar:8.5.31]
at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93) ~[spring-web-5.0.7.RELEASE.jar:5.0.7.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-5.0.7.RELEASE.jar:5.0.7.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-8.5.31.jar:8.5.31]
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200) ~[spring-web-5.0.7.RELEASE.jar:5.0.7.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-5.0.7.RELEASE.jar:5.0.7.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198) ~[tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:496) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:790) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1468) [tomcat-embed-core-8.5.31.jar:8.5.31]
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-embed-core-8.5.31.jar:8.5.31]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [na:1.8.0_151]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [na:1.8.0_151]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-8.5.31.jar:8.5.31]
at java.lang.Thread.run(Thread.java:748) [na:1.8.0_151]
At this point Google doesn't want to help me, and I'm frustrated enough that I'd be grateful for any advice you can offer :)