我正在通过弹簧启动使用aouth2的授权代码流。 我的控制器代码是:
@Controller
public class LogoutController {
@RequestMapping("/exit")
public void exit(HttpServletRequest request, HttpServletResponse response) {
// token can be revoked here if needed
new SecurityContextLogoutHandler().logout(request, null, null);
try {
//sending back to client app
response.sendRedirect(request.getHeader("referer"));
} catch (IOException e) {
e.printStackTrace();
}
}
}
我必须将其与angular 6.一起使用。注销不起作用,我不知道是否是由于授权码,如何使授权码到期或JSESSIONID无效而导致的?
服务配置
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients
.inMemory()
.withClient("cat")
.secret("cat456")
.authorizedGrantTypes("authorization_code","refresh_token")
.scopes("user_info")
.autoApprove(true);
}