Spring Security - OAuth 2.0 Client - Client Credentials Grant

Time: 2021-05-17 22:49:29

Tags: spring-security spring-security-oauth2

I want to generate an access token using the Client Credentials Grant https://docs.spring.io/spring-security/site/docs/5.4.6/reference/html5/#oauth2Client-client-creds-grant

We are using Spring Security 5.4.6

I imported these dependencies:

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-oauth2-client</artifactId>
        </dependency>

This is a resource server that must also make server-to-server authentication requests on a cron schedule. That's why I need the resource-server and oauth2-client dependencies.

    spring:
      security:
        oauth2:
          resourceserver:
            jwt:
              jwk-set-uri: https://auth.pingone.com/...
          client:
            provider:
              pingidentity:
                token-uri: https://auth.pingone.com/.../as/token
            registration:
              pingidentity:
                client-id: "69bxxxxx..."
                client-secret: "Xxxxx"
                scope: openid
                authorization-grant-type: "client_credentials"

    @Bean
    public OAuth2AuthorizedClientManager authorizedClientManager(
            ClientRegistrationRepository clientRegistrationRepository,
            OAuth2AuthorizedClientRepository authorizedClientRepository ) {

        OAuth2AuthorizedClientProvider authorizedClientProvider =
                OAuth2AuthorizedClientProviderBuilder.builder()
                        .clientCredentials()
                        .build();

        DefaultOAuth2AuthorizedClientManager authorizedClientManager =
                new DefaultOAuth2AuthorizedClientManager(
                        clientRegistrationRepository, authorizedClientRepository );
        authorizedClientManager.setAuthorizedClientProvider( authorizedClientProvider );

        return authorizedClientManager;
    }

    protected void setSecurityContext() {
        OAuth2AuthorizeRequest authorizeRequest = OAuth2AuthorizeRequest.withClientRegistrationId( "pingidentity" )
                .principal( "69bbfc70-8fcf-4740-a11a-b86562d1c9f8" )
//              .attributes( attrs -> {
//                  attrs.put( HttpServletRequest.class.getName(), servletRequest );
//                  attrs.put( HttpServletResponse.class.getName(), servletResponse );
//              } )
                .build();
        OAuth2AuthorizedClient authorizedClient = this.authorizedClientManager.authorize( authorizeRequest );

        OAuth2AccessToken accessToken = authorizedClient.getAccessToken();
    }

I get this error:

    java.lang.IllegalArgumentException: servletRequest cannot be null
        at org.springframework.util.Assert.notNull(Assert.java:201)
        at org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager.authorize(DefaultOAuth2AuthorizedClientManager.java:144)
        at com.edlogics.heathrow.api.scheduling.jobs.AbstractSchedulerJob.setSecurityContext(AbstractSchedulerJob.java:42)
        at com.edlogics.heathrow.api.scheduling.jobs.CheckForMissingCacheEntriesJob.execute(CheckForMissingCacheEntriesJob.java:32)
        at org.quartz.core.JobRunShell.run(JobRunShell.java:202)
        at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:573)

How can I use the client credentials grant outside of a web request?
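
Added example, not part of the original question: Spring Security ships `AuthorizedClientServiceOAuth2AuthorizedClientManager` for use outside an `HttpServletRequest` context (scheduled jobs, background threads), where `DefaultOAuth2AuthorizedClientManager` fails with the assertion shown in the stack trace. The class names `SchedulerOAuth2ClientConfig` and `SchedulerTokenSource`, the bean name, and the principal label `scheduler-job` are hypothetical; the sketch assumes an `OAuth2AuthorizedClientService` bean is available (Spring Boot's OAuth2 client auto-configuration normally provides one) and reuses the `pingidentity` registration from the configuration above.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.client.AuthorizedClientServiceOAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.OAuth2AuthorizeRequest;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientProvider;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.core.OAuth2AccessToken;

@Configuration
class SchedulerOAuth2ClientConfig { // hypothetical class name

    // Service-backed manager: authorized clients are stored in the
    // OAuth2AuthorizedClientService, so no servlet request/response is needed.
    @Bean
    OAuth2AuthorizedClientManager schedulerAuthorizedClientManager(
            ClientRegistrationRepository registrations,
            OAuth2AuthorizedClientService clientService) {
        OAuth2AuthorizedClientProvider provider =
                OAuth2AuthorizedClientProviderBuilder.builder().clientCredentials().build();
        AuthorizedClientServiceOAuth2AuthorizedClientManager manager =
                new AuthorizedClientServiceOAuth2AuthorizedClientManager(registrations, clientService);
        manager.setAuthorizedClientProvider(provider);
        return manager;
    }
}

class SchedulerTokenSource { // hypothetical helper used by the scheduled job
    private final OAuth2AuthorizedClientManager manager;

    SchedulerTokenSource(OAuth2AuthorizedClientManager manager) { this.manager = manager; }

    OAuth2AccessToken currentToken() {
        OAuth2AuthorizeRequest request = OAuth2AuthorizeRequest
                .withClientRegistrationId("pingidentity") // registration id from the YAML above
                .principal("scheduler-job")               // constructed label; keys the stored client
                .build();
        OAuth2AuthorizedClient client = manager.authorize(request);
        if (client == null) { // no configured provider could authorize this registration
            throw new IllegalStateException("client_credentials authorization was not possible");
        }
        return client.getAccessToken(); // pass to the outbound call; do not log the token value
    }
}
```

Calling `currentToken()` before each outbound request lets the manager reuse the stored token and request a new one once it has expired.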

0 answers:

No answers