我已添加 Azure AD 作为身份验证服务器,但它向我显示以下错误
[invalid_token_response] 尝试检索 OAuth 2.0 访问令牌响应时发生错误:401 未经授权:[无正文]
我的应用程序属性:
spring.security.oauth2.client.registration.azure-client.provider=azure-ad
spring.security.oauth2.client.registration.azure-client.client-id=<Client_id>
spring.security.oauth2.client.registration.azure-client.client-secret=<Client_secret>
spring.security.oauth2.client.registration.azure-client.authorization-grant-type=authorization_code
spring.security.oauth2.client.registration.azure-client.redirect-uri={baseUrl}/login/oauth2/code/{registrationId}
spring.security.oauth2.client.registration.azure-client.scope=openid, profile
spring.security.oauth2.client.registration.azure-client.client-authentication-method=post
spring.security.oauth2.client.provider.azure-ad.authorization-uri=https://login.microsoftonline.com/common/oauth2/v2.0/authorize
spring.security.oauth2.client.provider.azure-ad.token-uri=https://login.microsoftonline.com/common/oauth2/v2.0/token
spring.security.oauth2.client.provider.azure-ad.jwk-set-uri=https://login.microsoftonline.com/common/discovery/v2.0/keys
spring.security.oauth2.client.provider.azure-ad.user-name-attribute=name
server.forward-headers-strategy=native
logging.level.org.springframework.security=DEBUG
和 SecurityConfig 类:
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure( HttpSecurity http ) throws Exception {
http.authorizeRequests()
.antMatchers( "/oauth2/**", "/login/**" ).permitAll()
.anyRequest().authenticated()
.and()
.oauth2Login()
.defaultSuccessUrl( "/home" );
}
}
和控制器:
@RestController
public class HomeController {
@GetMapping( "home" )
public String home( @AuthenticationPrincipal(expression = "claims['name']") String name ) { …azure-active-directory spring-security-oauth2 azure-web-app-service