我想通过配置Spring Security在给定URI上检查令牌来验证API中收到的令牌。基于我在互联网上看到的内容。我添加了
spring.security.oauth2.resourceserver.jwt.issuer-uri=https://url/protocol/openid-connect/token/introspect
到我的application.properties
我还添加了.oauth2ResourceServer()。jwt();到我的Spring配置,看起来像
http
.csrf().disable().cors()
.and()
.antMatcher("/api/project/**")
.authorizeRequests()
.antMatchers("/api/project/projectIds", "/api/project/**/involvement").permitAll()
.and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.oauth2ResourceServer().jwt();
当我尝试部署我的应用程序时,出现以下错误:
Failed to instantiate [javax.servlet.Filter]: Factory method 'springSecurityFilterChain' threw exception; nested exception is org.springfra
mework.beans.factory.BeanCreationException: Error creating bean with name 'jwtDecoderByIssuerUri' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OA
uth2ResourceServerJwtConfiguration$JwtDecoderConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instant
iate [org.springframework.security.oauth2.jwt.JwtDecoder]: Factory method 'jwtDecoderByIssuerUri' threw exception; nested exception is java.lang.IllegalArgumentException: Unable to resolve the Configurati
on with the provided Issuer of "https://url/protocol/openid-connect/token/introspect"
我在做什么错了?