我正在编写微服务应用程序。我有一个带有身份验证服务器和汽车服务的用户服务。我想在汽车服务中添加一些值,但是身份验证有问题:
WARN 30049 --- [nio-8081-exec-2] o.s.b.a.s.o.r.UserInfoTokenServices : Could not fetch user details: class java.lang.IllegalArgumentException, URI is not absolute
我在互联网上进行搜索,但找不到解决该问题的答案。
汽车服务中的application.properties
#security
spring.security.oauth2.client.registration.client-id=frontendClientId
spring.security.oauth2.client.registration.client-secret=frontendClientSecret
spring.security.oauth2.client.registration.authorization-grant-type=client_credentials
spring.security.oauth2.client.provider.token-uri=http://localhost:8082/oauth/token/
spring.security.oauth2.client.provider.user-info-uri=http://localhost:8082/user/current/
汽车服务中的资源服务器配置
@Configuration
@EnableResourceServer
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
private final ResourceServerProperties sso;
private final OAuth2ClientContext oAuth2ClientContext;
@Autowired
public ResourceServerConfig(ResourceServerProperties sso, @Qualifier("oauth2ClientContext") OAuth2ClientContext oAuth2ClientContext) {
this.sso = sso;
this.oAuth2ClientContext = oAuth2ClientContext;
}
@Bean
@ConfigurationProperties(prefix = "spring.security.oauth2.client")
public ClientCredentialsResourceDetails clientCredentialsResourceDetails() {
return new ClientCredentialsResourceDetails();
}
@Bean
public RequestInterceptor oauth2FeignRequestInterceptor() {
return new OAuth2FeignRequestInterceptor(oAuth2ClientContext, clientCredentialsResourceDetails());
}
@Bean
public OAuth2RestOperations restTemplate(@Qualifier("oauth2ClientContext")OAuth2ClientContext oauth2ClientContext) {
return new OAuth2RestTemplate(clientCredentialsResourceDetails(), oauth2ClientContext);
}
@Bean
@Primary
public ResourceServerTokenServices resourceServerTokenServices() {
return new UserInfoTokenServices(sso.getUserInfoUri(), sso.getClientId());
}
@Override
public void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest()
.hasRole("ADMIN")
.and()
.csrf().disable();
}
}
主要汽车服务
@SpringBootApplication
@EnableEurekaClient
@EnableOAuth2Sso
public class CarServiceApp {
public static void main(String[] args) {
SpringApplication.run(CarServiceApp.class, args);
}
}
授权服务器配置-用户服务
@Configuration
@EnableAuthorizationServer
public class AuthorizationServer extends AuthorizationServerConfigurerAdapter {
private final DataSource dataSource;
private final AuthenticationManager authenticationManager;
private final PasswordEncoder passwordEncoder;
private final UserDetailsServiceImpl userDetailsService;
@Autowired
public AuthorizationServer(DataSource dataSource,
AuthenticationManager authenticationManager,
PasswordEncoder passwordEncoder,
UserDetailsServiceImpl userDetailsService){
this.dataSource = dataSource;
this.authenticationManager = authenticationManager;
this.passwordEncoder = passwordEncoder;
this.userDetailsService = userDetailsService;
}
@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
security
.tokenKeyAccess("permitAll()")
.checkTokenAccess("isAuthenticated()")
.passwordEncoder(passwordEncoder)
.allowFormAuthenticationForClients();;
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints
.tokenStore(tokenStore())
.authenticationManager(authenticationManager)
.userDetailsService(userDetailsService);
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients
.inMemory()
.withClient("frontendClientId")
.secret(passwordEncoder.encode("frontendClientSecret"))
.authorizedGrantTypes("password", "authorization_code", "refresh_token")
.accessTokenValiditySeconds(3600)
.refreshTokenValiditySeconds(28*24*3600)
.scopes("read");
}
@Bean
public TokenStore tokenStore(){
return new MyJdbcTokenStore(this.dataSource);
}
}
资源服务器用户服务
@Configuration
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
@Override
public void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/oauth/**", "/user/register")
.permitAll()
.anyRequest().authenticated()
.and()
.csrf().disable();
}
}
网络安全用户服务
@Configuration
@EnableWebSecurity
public class WebSecurity extends WebSecurityConfigurerAdapter {
private final UserDetailsServiceImpl userDetailsService;
@Autowired
public WebSecurity(UserDetailsServiceImpl userDetailsService){
this.userDetailsService = userDetailsService;
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.userDetailsService(this.userDetailsService)
.passwordEncoder(passwordEncoder());
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest().denyAll()
.and()
.formLogin().disable();
}
@Bean
public PasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder();
}
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
}
我正在调用oauth / token以获取令牌,然后我使用令牌调用car-service,但是它返回
{
"error": "invalid_token",
"error_description": "0175bf49-1f9f-4797-aade-1ce5b18dccf6"
}
然后我开始写的这个警告是在春季日志中。
可以帮忙吗?