Ani*_*ita 1 java spring-security-oauth2
您好我必须在我的项目中集成spring security oauth2.所以我添加了配置相关部分及其工作正常.但问题是令牌的第一个请求转到"/ oauth/token",我想将其更改为"api/v1/token".我搜索了这一点,发现像加入一些解决方案token-endpoint-url中oauth:authorization-server还增加了自定义过滤器类,将覆盖ClientCredentialsTokenEndpointFilter并通过URL来构造.但这些都行不通.我收到以下错误请求"api/v1/token" -
SecurityContext中找不到Authentication对象
我的配置主要是基于xml的.Spring-security.xml文件 -
<http pattern="/api/v1/token" create-session="stateless"
authentication-manager-ref="authenticationManager"
xmlns="http://www.springframework.org/schema/security" >
<intercept-url pattern="/api/v1/token" access="IS_AUTHENTICATED_FULLY" />
<anonymous enabled="false" />
<http-basic entry-point-ref="clientAuthenticationEntryPoint"/>
<custom-filter ref="customClientCredentialsTokenEndpointFilter" before="BASIC_AUTH_FILTER" />
<access-denied-handler ref="oauthAccessDeniedHandler" />
</http>
<http pattern="/test/**" create-session="never"
entry-point-ref="oauthAuthenticationEntryPoint"
xmlns="http://www.springframework.org/schema/security">
<anonymous enabled="false" />
<intercept-url pattern="/test/**" access="ROLE_USER" />
<custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
<access-denied-handler ref="oauthAccessDeniedHandler" />
</http>
<beans:bean id="oauthAuthenticationEntryPoint"
class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
</beans:bean>
<beans:bean id="oauthAccessDeniedHandler"
class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler">
</beans:bean>
<beans:bean id="clientAuthenticationEntryPoint"
class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
<beans:property name="realmName" value="springsec/client" />
<beans:property name="typeName" value="Basic" />
</beans:bean>
<beans:bean id="customClientCredentialsTokenEndpointFilter"
class="com.walletdoc.oauth.web.security.CustomClientCredentialsTokenEndpointFilter">
<beans:property name="authenticationManager" ref="authenticationManager" />
</beans:bean>
<authentication-manager alias="authenticationManager"
xmlns="http://www.springframework.org/schema/security">
<authentication-provider user-service-ref="clientDetailsUserService" />
</authentication-manager>
<beans:bean id="clientDetails" class="com.walletdoc.oauth.web.security.SpringSecurityClientService">
<beans:property name="id" value="mysupplycompany" />
<beans:property name="secretKey" value="mycompanykey" />
<beans:property name="authorities" value="ROLE_CLIENT" />
</beans:bean>
<beans:bean id="clientDetailsUserService"
class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
<beans:constructor-arg ref="clientDetails"/>
</beans:bean>
<authentication-manager id="userAuthenticationManager"
xmlns="http://www.springframework.org/schema/security">
<authentication-provider ref="customUserAuthenticationProvider">
</authentication-provider>
</authentication-manager>
<beans:bean id="customUserAuthenticationProvider"
class="com.walletdoc.oauth.web.security.ClientAuthenticationProvider">
</beans:bean>
<oauth:authorization-server
client-details-service-ref="clientDetails" token-services-ref="tokenServices" token-endpoint-url="/api/v1/token">
<oauth:authorization-code />
<oauth:implicit/>
<oauth:refresh-token/>
<oauth:client-credentials />
<oauth:password authentication-manager-ref="userAuthenticationManager" />
</oauth:authorization-server>
<oauth:resource-server id="resourceServerFilter"
resource-id="springsec" token-services-ref="tokenServices" />
<beans:bean id="tokenStore"
class="org.springframework.security.oauth2.provider.token.InMemoryTokenStore" />
<beans:bean id="tokenServices"
class="org.springframework.security.oauth2.provider.token.DefaultTokenServices">
<beans:property name="tokenStore" ref="tokenStore" />
<beans:property name="supportRefreshToken" value="true" />
<beans:property name="accessTokenValiditySeconds" value="3600"></beans:property>
<beans:property name="clientDetailsService" ref="clientDetails" />
</beans:bean>
我一直试图解决这个问题,所以任何帮助将不胜感激.
路径"/ oauth/token"不是事实上的标准吗?
不幸的是,我没有XML配置的确切答案,但也许这个Java配置可以给你提示.
扩展AuthorizationServerConfigurerAdapter以下方法后,您可以访问允许访问授权服务器配置的Builder:
@Override
public void configure(AuthorizationServerEndpointsConfigurer oauthServer) throws Exception {
oauthServer
// Here you can override the default endpoints mappings
.pathMapping("/oauth/authorize", "/api/v1/authorize")
.pathMapping("/oauth/token", "/api/v1/token")
// .. rest of the authorization server customization
.authenticationManager(authenticationManager)
.tokenStore(tokenStore);
}
这有点奇怪,因为您通过Map覆盖映射,您必须知道要覆盖的每个路径,并且类中没有任何提示或文档AuthorizationServerEndpointsConfigurer.
最后它起作用,就像授权服务器启动日志时一样:
...
.s.o.p.e.FrameworkEndpointHandlerMapping : Mapped "{[/api/v1/authorize],methods=[],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto ...
.s.o.p.e.FrameworkEndpointHandlerMapping : Mapped "{[/api/v1/token],methods=[POST],params=[],headers=[],consumes=[],produces=[],custom=[]}" onto ...
...
我想在XML中它应该转换为内部的一些元素,<oauth:authorization-server>如:
<oauth:authorization-server>
<!-- ... -->
<pathMappings>
<!-- key/value here -->
</pathMappings>
</oauth:authorization-server>
编辑:检查XML模式后,您可能一开始就正确,因为token-endpoint-url元素应该根据注释完成数学运算:
<xs:attribute name="token-endpoint-url" type="xs:string">
<xs:annotation>
<xs:documentation>
The URL at which a request for an access token
will be serviced.
Default value: "/oauth/token"
</xs:documentation>
</xs:annotation>
</xs:attribute>
也许您应该在spring-security-oauth问题跟踪器中提出问题?
| 归档时间: |
|
| 查看次数: |
8015 次 |
| 最近记录: |