3

我正在尝试设置一个 Spring OAuth2 客户端,该客户端对我自己的提供者和资源服务器进行身份验证。就我而言,提供者和资源服务器是一个应用程序。

我在使用 Spring 3.2 设置 OAuth 客户端时遇到问题。当我在控制器中调用 OAuth2RestTemplate 时(通过获取网页),我收到此错误:

java.lang.IllegalStateException:没有为当前请求建立重定向 URI。在 org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider.getRedirectForAuthorization(AuthorizationCodeAccessTokenProvider.java:283) 在 org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider.obtainAccessToken(AuthorizationCodeAccessTokenProvider. java:159) 在 org.springframework.security.oauth2.client.token.AccessTokenProviderChain.obtainAccessToken(AccessTokenProviderChain.java:118) 的 org.springframework.security.oauth2.client.token.AccessTokenProviderChain.obtainNewAccessTokenInternal(AccessTokenProviderChain.java:142)在 org.springframework.security.oauth2.client.OAuth2RestTemplate.acquireAccessToken(OAuth2RestTemplate.java:216) ...

据我了解,重定向是从当前请求 uri 自动设置的。无论如何,我尝试设置oauth:resource属性pre-established-redirect-uri="http://localhost:8080/myresourcesercer/"。然后我得到这个错误:

org.springframework.security.oauth2.client.resource.UserRedirectRequiredException:需要重定向才能获得用户的批准...

如何正确设置重定向 uri 或我缺少什么?

谢谢!

这是我的配置:

Web.xml

<web-app id="WebApp_ID" version="2.4" 
    xmlns="http://java.sun.com/xml/ns/j2ee" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee 
    http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">

  <servlet>
        <servlet-name>spring</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <init-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>
                /WEB-INF/mvc-dispatcher-servlet.xml,
                /WEB-INF/spring-security.xml
            </param-value>
        </init-param>
        <load-on-startup>1</load-on-startup>
    </servlet>

    <servlet-mapping>
        <servlet-name>spring</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>

</web-app>

弹簧安全.xml

<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:oauth="http://www.springframework.org/schema/security/oauth2" 
    xmlns:sec="http://www.springframework.org/schema/security"
    xmlns:context="http://www.springframework.org/schema/context"
    xmlns:mvc="http://www.springframework.org/schema/mvc" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

    xsi:schemaLocation="
        http://www.springframework.org/schema/beans     
        http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
        http://www.springframework.org/schema/context 
        http://www.springframework.org/schema/context/spring-context-3.2.xsd
        http://www.springframework.org/schema/mvc
        http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd
        http://www.springframework.org/schema/security/oauth2 
        http://www.springframework.org/schema/security/spring-security-oauth2-1.0.xsd
        http://www.springframework.org/schema/security
        http://www.springframework.org/schema/security/spring-security-3.1.xsd">

 <oauth:client id="my-client" />

<oauth:resource id="security" type="authorization_code" client-id="my-client" client-secret="secret" access-token-uri="http://localhost:8080/provider/oauth/token"
 scope="read,write" user-authorization-uri="http://localhost:8080/provider/oauth/authorize" authentication-scheme="query"/>

<bean id="fooService" class="com.mypackage.serviceImpl.FooServiceImpl">
    <property name="secureRestTemplate">
        <oauth:rest-template resource="security" />
    </property>
</bean>

</beans>

mvc-调度程序-servlet.xml

<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:oauth="http://www.springframework.org/schema/security/oauth2" 
    xmlns:sec="http://www.springframework.org/schema/security"
    xmlns:context="http://www.springframework.org/schema/context"
    xmlns:util="http://www.springframework.org/schema/util"
    xmlns:mvc="http://www.springframework.org/schema/mvc" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="
        http://www.springframework.org/schema/beans     
        http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
        http://www.springframework.org/schema/context 
        http://www.springframework.org/schema/context/spring-context-3.2.xsd
        http://www.springframework.org/schema/util
        http://www.springframework.org/schema/util/spring-util-3.2.xsd
        http://www.springframework.org/schema/mvc
        http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd
        http://www.springframework.org/schema/security/oauth2 
        http://www.springframework.org/schema/security/spring-security-oauth2-1.0.xsd
        http://www.springframework.org/schema/security
        http://www.springframework.org/schema/security/spring-security-3.1.xsd">

<mvc:default-servlet-handler />
<mvc:annotation-driven>

       <mvc:message-converters register-defaults="true">
  ...
     </mvc:message-converters> 
     </mvc:annotation-driven>

<context:component-scan base-package="com.mypackage.controller" />
<context:component-scan base-package="com.mypackage.serviceImpl" />

<mvc:resources mapping="/css/**" location="/css/"/>


 <bean id="viewResolver"
    class=" org.springframework.web.servlet.view.InternalResourceViewResolver" >
        <property name="prefix">
            <value>/WEB-INF/views/</value>
        </property>
        <property name="suffix">
            <value>.jsp</value>
        </property>
    </bean> 

…

</beans>
4

2 回答 2

0

OAuth2ClientContextFilter将为您设置重定向 URI 您可以手动配置它,也可以让 Spring Security 自动为您设置。

如果您希望 Spring Security 对其进行设置,那么您需要在web.xml中进行更改

<filter>
  <filter-name>springSecurityFilterChain</filter-name>
  <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter-mapping>
  <filter-name>springSecurityFilterChain</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>

你需要一个<http/>

于 2013-11-04T22:41:15.357 回答
-1

这行代码导致照片出现问题(模型模型)

ObjectNode result = facebookRestTemplate
                .getForObject("https://graph.facebook.com/me/friends", ObjectNode.class);

它在成功登录后将我重定向到 Facebook 页面,并返回这样的 URL,但之后似乎无法正常工作......

检查链接

我认为出了点问题导致了问题。

于 2015-01-23T13:52:43.017 回答