相关疑难解决方法(0)

spring jwt 解码器 openid 令牌

外部 OAuth2 提供程序没有公共 JwkUri，因此我也尝试使用以下代码片段覆盖默认行为：

@EnableWebSecurity
public class DirectlyConfiguredJwkSetUri extends WebSecurityConfigurerAdapter {
 @Override
protected void configure(HttpSecurity http) throws Exception {
    http
            .authorizeRequests()
            .antMatchers("**/oauth2/code/esia**", "**/code/esia**", "**esia**").permitAll()
            .antMatchers("/user").fullyAuthenticated()
            .anyRequest().authenticated()
            .and()
            .csrf().disable()
            .cors().disable()
            .oauth2Client()
            .clientRegistrationRepository(this.clientRegistrationRepository)
            .authorizationCodeGrant()
            .authorizationRequestResolver(new CustomAuthorizationRequestResolver(
                    this.clientRegistrationRepository, esiaConfig, signatureUtil, timeUtil))
            .accessTokenResponseClient(customAccessTokenResponseClient())
            .and().and().oauth2Login().tokenEndpoint().accessTokenResponseClient(customAccessTokenResponseClient())
            .and().and().oauth2ResourceServer().jwt();
}
@Bean
JwtDecoder jwtDecoder() {
 return  new CustomJwtDecoder();
}
}

class CustomJwtDecoder implements JwtDecoder {
@Override
public Jwt decode(String token) throws JwtException {
    System.out.println(token);
    return null;
}
}

Run Code Online (Sandbox Code Playgroud)

然而 Spring Security 不知何故仍然使用默认实现，我收到以下错误......

[missing_signature_verifier] Failed to find a Signature Verifier …

Run Code Online (Sandbox Code Playgroud)

spring spring-security oauth-2.0 spring-security-oauth2

Unr*_*an1

2019 02-04

2
推荐指数

1
解决办法

1万
查看次数

标签统计

oauth-2.0 ×1

spring ×1

spring-security ×1

spring-security-oauth2 ×1

spring jwt 解码器 openid 令牌

标签 统计

标签统计