小编phi*_*hil的帖子

我试图通过查询 /token 端点从另一个应用程序的 Spring Boot 应用程序中检索 azure JWT 访问令牌，但我收到的令牌似乎不正确。

该项目有一个 Spring Boot 后端和一个 Eclipse rcp 前端。我正在尝试从 Eclipse 前端检索访问令牌。为此，我有以下控制器：

    @Autowired
    private OAuth2AuthorizedClientService authorizedClientService;

    @GetMapping("/token")
    public String user(OAuth2AuthenticationToken authentication) {

        OAuth2AuthorizedClient authorizedClient = this.authorizedClientService
                        .loadAuthorizedClient(authentication.getAuthorizedClientRegistrationId(), authentication.getName());
        return authorizedClient.getAccessToken().getTokenValue();
    }

它返回具有以下格式的令牌：

PAQABAAAAAABeAFzDwllzTYGDLh_qYbH8hgtbYMB8x7YLamQyQPk_MEXyd9Ckc5epDFQMv3RxjmMie0JDr5uN82U4RFLgU3fnDBxGolo4XVwzLEsTZDmUK_r0YG6ZwLbbQI_ch_Xn8xCxhsFq-AoRbEESDqK3GmK4eXwCYoT0G8_XfZjHTvCNTOMqUb2Q-CD2EalIKf0zSZ5184qrvlXfdNeT_BJdH_tqaodn80Bp2UL2hdnOCDZuWRqKl_2fi4v-eOOKJCcjOqY6SreVEeoKkIvVdayGE8F6qCxFehmlA0sX9sVW34FIVYVo4lDRsTkm-WN2KJwxJmalNcxg0k2ObDnIeC1ulPPpiPq-O_LK9bVA4HEZ63cJi9ZwQHwLPUhOO6TquoCOroHSy5KPoFkX3N796hM1i0NpaaY4MeAx17CSYeZ9P06jvYD7UMTV3OwWt-OVrDm5z_AvbOvyHRf9wjh31H6oLoc-iu_NCspT6NzC2UZQSHBtKdydEcP6sNkRp073jrZEg8UtcVT6HzddIBk2P0tVeIiSyU3SfLETbzJE67xtJVip3ai9aLN28c0qt3rDBaVGDAXjXhqrh5D3NiXdQjS6YTAKy0bVmNk9Yr9o2CGBA2wFjE8OZ6_Hb3k8_13KMJHafx0gAA

来自 pom.xml 的依赖项

使用 spring boot 构建，具有以下相关依赖项：

• spring-boot-starter-webv2.2.4
• azure-active-directory-spring-boot-starterv2.2.1
• spring-security-oauth2-clientv5.2.1
• spring-security-oauth2-josev5.2.1
• spring-security-oauth2-resource-serverv5.2.1

来自 application.yml 的配置

我们支持多个授权服务器，这是完全配置的azure客户端：

spring:
  security:
    oauth2:
      client:
        azure:
          client-id: XXX
          client-secret: XXX
          client-name: Microsoft
          scope: openid, https://graph.microsoft.com/user.read, profile
          authorization-grant-type: authorization_code
          redirect-uri: http://localhost:8080/login/oauth2/code/azure
          client-authentication-method: …

在审查加密方案时，我遇到了以下代码：

    @Override
    public OutputStream encrypt(OutputStream outputStream) throws Exception {

        // generate the IV for encryption
        final byte[] encryptionIV = KeyFileUtil.randomBytes(16);
        outputStream.write(encryptionIV);

        // now create the encryption cipher
        final Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
        cipher.init(Cipher.ENCRYPT_MODE, getKey(), new GCMParameterSpec(128, encryptionIV));

        // The CipherOutputStream shouldn't close the underlying stream
        outputStream = new FilterOutputStream(outputStream) {
            @Override
            public void close() throws IOException {
                // Do nothing
            }
        };
        final CipherOutputStream cos = new CipherOutputStream(outputStream, cipher);

        if (useZip) {
            final ZipOutputStream zipOutputStream = new ZipOutputStream(cos) {
                @Override …