我正在尝试使用Strava对希望通过Spring Boot使用我的Web应用程序的客户进行身份验证,但我陷入了以下错误:
.s.o.c.w。 OAuth2LoginAuthenticationFilter :身份验证请求 失败: org.springframework.security.oauth2.core.OAuth2AuthenticationException: [invalid_token_response]尝试执行错误操作 检索OAuth 2.0访问令牌响应:无法提取 响应:找不到适合响应类型的 HttpMessageConverter [类 org.springframework.security.oauth2.core.endpoint。 OAuth2AccessTokenResponse ] 和内容类型[text / html]
我会很乐意帮助您解决此错误。我将错误的再现简化为仅两个类:
DemoSecurity.java extending WebSecurityConfigurerAdapter
DemoApplication.java as the entry to the application with @SpringBootApplication,
,您将需要在Strava(https://www.strava.com/settings/api)中注册一个应用,以获取 client_secret 和 client_id 。在strava中,回调必须添加为localhost才能运行此测试。
最后,要重现该错误,只需要在IDE中运行该应用程序,然后在浏览器中转到http:// localhost:8080 / login。
非常感谢您
这是我的application.yml:
spring:
security:
oauth2:
client:
registration:
strava:
provider: strava-provider
client-id: XXXXX
client-secret: XXXXXXXXXXXXXXXXX
client-authentication-method: POST
authorization-grant-type: authorization_code
redirect-uri: http://localhost:8080/login/oauth2/code/
scope:
- read
provider:
strava-provider:
tokenUri: https://www.strava.com/api/v3/oauth/token/
authorizationUri: https://www.strava.com/api/v3/oauth/authorize?response_type=code
这是我的pom.xml:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.3.1.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.example</groupId>
<artifactId>demo</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>demo</name>
<description>Demo project for Spring Boot</description>
<properties>
<java.version>1.8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>org.junit.vintage</groupId>
<artifactId>junit-vintage-engine</artifactId>
</exclusion>
</exclusions>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
这是我的DemoApplication.java:
package com.example.demo;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.security.oauth2.client.servlet.OAuth2ClientAutoConfiguration;
import org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration;
@SpringBootApplication
public class DemoApplication {
public static void main(String[] args) {
SpringApplication.run(DemoApplication.class, args);
}
}
这是我的DemoSecurity.java:
package com.example.demo;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@EnableWebSecurity
@Configuration
public class DemoSecurity extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/login**","/", "/error", "/webjars/**").permitAll()
.anyRequest()
.authenticated().and()
.oauth2Login()
;
}
}
答案 0 :(得分:0)
查看您的application.yml,我可以看到您缺少user-info-uri和user-name-attribute: 由于它是oauth2而不是oidc,因此Spring需要知道它可以找到用户以及哪个字段是用户的唯一ID。 我快速浏览了stravas api文档,我想可能就是这样。
user-info-uri:https://www.strava.com/api/v3/athlete
用户名属性:id
但是您可能需要查看他们的文档或联系他们的支持团队进行确认,基本上,您只是在寻找将返回用户详细信息的api调用,并确认哪个字段是用户的唯一标识符或用户名。< / p>
答案 1 :(得分:0)
在测试了Wojciech Lesniak的回答(谢谢)之后,没有任何道理,但我至少部分地知道了。
这些是我的项目失败的日志:
2020-07-10 06:19:19.946 DEBUG 56091 --- [nio-8080-exec-2] .s.o.c.w.OAuth2LoginAuthenticationFilter : Request is to process authentication
2020-07-10 06:19:19.948 DEBUG 56091 --- [nio-8080-exec-2] o.s.s.authentication.ProviderManager : Authentication attempt using org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationProvider
2020-07-10 06:19:20.734 DEBUG 56091 --- [nio-8080-exec-2] o.s.s.authentication.ProviderManager : Authentication attempt using org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeAuthenticationProvider
2020-07-10 06:19:20.735 DEBUG 56091 --- [nio-8080-exec-2] .s.a.DefaultAuthenticationEventPublisher : No event was found for the exception org.springframework.security.oauth2.core.OAuth2AuthenticationException
2020-07-10 06:19:20.741 DEBUG 56091 --- [nio-8080-exec-2] .s.o.c.w.OAuth2LoginAuthenticationFilter : Authentication request failed: org.springframework.security.oauth2.core.OAuth2AuthenticationException: [invalid_token_response] An error occurred while attempting to retrieve the OAuth 2.0 Access Token Response: Could not extract response: no suitable HttpMessageConverter found for response type [class org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse] and content type [text/html]
这些是使用相同源代码的项目日志:
2020-07-10 06:20:09.917 DEBUG 56106 --- [nio-8080-exec-2] .s.o.c.w.OAuth2LoginAuthenticationFilter : Request is to process authentication
2020-07-10 06:20:09.920 DEBUG 56106 --- [nio-8080-exec-2] o.s.s.authentication.ProviderManager : Authentication attempt using org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationProvider
2020-07-10 06:20:10.689 DEBUG 56106 --- [nio-8080-exec-2] s.CompositeSessionAuthenticationStrategy : Delegating to org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy@30f74e79
2020-07-10 06:20:10.690 DEBUG 56106 --- [nio-8080-exec-2] s.CompositeSessionAuthenticationStrategy : Delegating to org.springframework.security.web.csrf.CsrfAuthenticationStrategy@8a8639c
2020-07-10 06:20:10.690 DEBUG 56106 --- [nio-8080-exec-2] .s.o.c.w.OAuth2LoginAuthenticationFilter : Authentication success. Updating SecurityContextHolder to contain: org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken@efd72585: Principal: Name: [60310151], Granted Authorities: [[ROLE_USER, SCOPE_read]], User Attributes: [{id=60310151, username=null, resource_state=2, firstname=Marcos, lastname=Garcia, city=Chicago, state=Illinois, country=United States, sex=null, premium=false, summit=false, created_at=2020-06-03T11:18:54Z, updated_at=2020-07-07T16:10:35Z, badge_type_id=0, profile_medium=avatar/athlete/medium.png, profile=avatar/athlete/large.png, friend=null, follower=null}]; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@0: RemoteIpAddress: 127.0.0.1; SessionId: 858ADB4064C6112BD3EE7909CA036E06; Granted Authorities: ROLE_USER, SCOPE_read
唯一的可能是配置,一行一行地查看,这很愚蠢,因为在网址末尾不包含“ /”:
tokenUri: https://www.strava.com/api/v3/oauth/token