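I am currently working on a Spring Boot 2.x OAuth2 implementation, but I have run into some tricky problems.
The project consists of an auth-server and an sso-client (GitHub link provided at the bottom). The problem is: when I enter a protected URL (for example localhost:9000/), it is redirected to the login page configured in the auth server. However, after a successful login, it does not redirect back to the sso-client.
Authorization server configuration of the auth server: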
    @Configuration
    @EnableAuthorizationServer
    public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

        private AuthenticationManager authenticationManager;

        public AuthorizationServerConfig(AuthenticationConfiguration authenticationConfiguration) throws Exception {
            this.authenticationManager = authenticationConfiguration.getAuthenticationManager();
        }

        @Override
        public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
            super.configure(security);
        }

        @Override
        public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
            clients.inMemory()
                    .withClient("client")
                    .secret("secret")
                    .authorizedGrantTypes("authorization_code")
                    .scopes("all")
                    .autoApprove(true);
        }

        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
            endpoints.authenticationManager(authenticationManager);
        }
    }
Security configuration of the auth server:
    @Configuration
    public class SecurityConfig extends WebSecurityConfigurerAdapter {

        @Bean
        public PasswordEncoder passwordEncoder() {
            return new BCryptPasswordEncoder();
        }

        @Override
        protected void configure(AuthenticationManagerBuilder auth) throws Exception {
            auth.inMemoryAuthentication()
                    .withUser("root")
                    .password(passwordEncoder().encode("root"))
                    .roles("ADMIN");
        }

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.antMatcher("/**")
                    .authorizeRequests()
                    .anyRequest().authenticated()
                    .and()
                    .formLogin()
                    .and()
                    .csrf().disable();
        }
    }
Security configuration of the sso-client:
    @Configuration
    @EnableOAuth2Sso
    public class SecurityConfig extends WebSecurityConfigurerAdapter {

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.antMatcher("/**")
                    .authorizeRequests()
                    .anyRequest().authenticated();
        }
    }
application.yml for the sso-client:
    auth-server: http://localhost:9090
    server:
      port: 9000
    security:
      oauth2:
        client:
          client-id: client
          client-secret: secret
          scope: all
          user-authorization-uri: ${auth-server}/oauth/authorize
          access-token-uri: ${auth-server}/oauth/token
        resource:
          token-info-uri: ${auth-server}/oauth/check_token
          preferTokenInfo: false
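Here is the link to the project: https://github.com/paul8263/SpringBoot2Oauth2
PS: I can get it working with Spring Boot 1.5.8: https://github.com/paul8263/SsoDemo2
I compared that code with the Spring Boot 2 version (the first link), but I noticed hardly any obvious differences.
Could someone help me solve this problem by running the simple demo? Thank you very much.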