用于 Oauth2 客户端调用的 Spring Security Oauth2 Web 客户端设置失败，出现空 OAuth 2.0 访问令牌响应异常

Question

我正在尝试设置一个基于 oauth 2.0 的网络客户端，本质上是一个应用程序到应用程序身份验证作为 Oauth2 客户端。

由于这是一个两步过程 - 令牌 https:///oauth/token/ 提供以下响应作为 Netty 响应 (OAuth2AccessTokenResponse) 的一部分

status = {HttpResponseStatus@8335} "302 "
version = {HttpVersion@8336} "HTTP/1.1"
headers = {DefaultHttpHeaders@8309} "DefaultHttpHeaders[Connection: keep-alive, Cache-Control: no-cache, no-store, max-age=0, must-revalidate, Date: Mon, 10 May 2021 09:37:31 GMT, Expires: 0, Location: https://<my-domain>/login, Pragma: no-cache, Strict-Transport-Security: max-age=31536000 ; includeSubDomains, X-Content-Type-Options: nosniff, X-Frame-Options: DENY, X-XSS-Protection: 1; mode=block, X-Cache: Miss from cloudfront, Via: 1.1 4c6f3dc807d213a0da966381e4886b08.cloudfront.net (CloudFront), X-Amz-Cf-Pop: MIA3-C2, X-Amz-Cf-Id: GMe-UuqqIXTkD1LZuES7LYQAgLWizBsN8RJ1ieGarEj6mEst9gLKbg==, content-length: 0]"
decoderResult = {HttpMessageDecoderResult@8337} "success"

我的基于 Oauth2 的网络客户端设置 ::

    @Bean
WebClient getAppDevOauth2WebClient(ReactiveOAuth2AuthorizedClientManager reactiveOAuth2AuthorizedClientManager) {
ServerOAuth2AuthorizedClientExchangeFilterFunction oauth =
new ServerOAuth2AuthorizedClientExchangeFilterFunction(reactiveOAuth2AuthorizedClientManager);
// (optional) explicitly opt into using the oauth2Login to provide an access token implicitly
// oauth.setDefaultOAuth2AuthorizedClient(true);
oauth.setAuthorizationFailureHandler((oAuth2AuthorizationException,principal,attr) -> {
LOG.error("oAuth2AuthorizationException : {} and principal : {} and attr :{}"
, oAuth2AuthorizationException.getMessage(), principal.getName(),attr.toString());
return null;
});
oauth.setDefaultClientRegistrationId("auth0");

    return WebClient.builder()
            .filter(oauth)
            .filter(logRequest())
            .build();
}

@Bean
public ReactiveOAuth2AuthorizedClientManager authorizedClientManager(
        ReactiveClientRegistrationRepository clientRegistrationRepository,
        ReactiveOAuth2AuthorizedClientService authorizedClientService) {

    ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider =
            ReactiveOAuth2AuthorizedClientProviderBuilder.builder()
                    .refreshToken()
                    .clientCredentials()
                    .build();

    AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager authorizedClientManager =
            new AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager(
                    clientRegistrationRepository, authorizedClientService);
    authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider);

    return authorizedClientManager;
}

这是我使用此 Oauth2“启用”Webclient 异常从服务类进行调用时得到的最后一个异常：org.springframework.security.oauth2.client.ClientAuthorizationException: [invalid_token_response] Empty OAuth 2.0 Access Token Response

spring:
  security:
    oauth2:
      client:
        provider:
          auth0:
            token-uri: https://<my-domain>/oauth/token/
        registration:
          auth0:
            client-id: my-client-id
            client-secret: my-client-secret
            authorization-grant-type: client_credentials

这是我得到的最后一个例外，而获取实际不记名令牌的中间步骤是给我 302 状态代码，而没有真正的 Oauth2 不记名令牌。请帮助我就此处可能存在的问题提供一些建议。

当我尝试使用相同的凭据并使用 Oauth2RestTemplate 进行设置时，它工作正常，让我使用生成的 Bearer 令牌进行 Rest Client 调用。