0

我正在尝试为 Grails 3.1.7 项目实现 grails-spring-security-rest 插件。服务器生成的 JWT 令牌与返回给客户端的令牌不匹配。

我还尝试在https://jwt.io/上验证返回的 tokwn,但我得到一个“无效令牌”

我究竟做错了什么?以下是我在服务器上看到的日志

DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/'; against '/assets/**'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/'; against '/**/js/**'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/'; against '/**/css/**'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/'; against '/**/images/**'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/'; against '/**/favicon.ico'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/'; against '/api/**'
DEBUG org.springframework.security.web.FilterChainProxy - / has no matching filters
DEBUG grails.plugin.springsecurity.rest.token.bearer.BearerTokenReader - Looking for bearer token in Authorization header, query string or Form-Encoded body parameter
DEBUG grails.plugin.springsecurity.rest.token.bearer.BearerTokenReader - No token found
DEBUG grails.plugin.springsecurity.rest.token.bearer.BearerTokenReader - Token: null
DEBUG grails.plugin.springsecurity.rest.RestTokenValidationFilter - Token not found
DEBUG grails.plugin.springsecurity.rest.RestTokenValidationFilter - Request does not contain any token. Letting it continue through the filter chain
DEBUG grails.plugin.springsecurity.rest.RestAuthenticationFilter - Actual URI is /; endpoint URL is /api/login
DEBUG org.springframework.security.web.access.ExceptionTranslationFilter - Chain processed normally
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/bootstrap/bootstrap.css'; against '/assets/**'
DEBUG org.springframework.security.web.FilterChainProxy - /assets/bootstrap/bootstrap.css?compile=false has an empty filter list
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/mobile.css'; against '/assets/**'
DEBUG org.springframework.security.web.FilterChainProxy - /assets/mobile.css?compile=false has an empty filter list
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/grails.css'; against '/assets/**'
DEBUG org.springframework.security.web.FilterChainProxy - /assets/grails.css?compile=false has an empty filter list
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/application.css'; against '/assets/**'
DEBUG org.springframework.security.web.FilterChainProxy - /assets/application.css?compile=false has an empty filter list
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/main.css'; against '/assets/**'
DEBUG org.springframework.security.web.FilterChainProxy - /assets/main.css?compile=false has an empty filter list
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/angular/angular.js'; against '/assets/**'
DEBUG org.springframework.security.web.FilterChainProxy - /assets/angular/angular.js?compile=false has an empty filter list
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/angular/angular-cookies.js'; against '/assets/**'
DEBUG org.springframework.security.web.FilterChainProxy - /assets/angular/angular-cookies.js?compile=false has an empty filter list
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/angular/angular-resource.js'; against '/assets/**'
DEBUG org.springframework.security.web.FilterChainProxy - /assets/angular/angular-resource.js?compile=false has an empty filter list
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/angular/angular-route.js'; against '/assets/**'
DEBUG org.springframework.security.web.FilterChainProxy - /assets/angular/angular-route.js?compile=false has an empty filter list
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/angular/http-auth-interceptor.js'; against '/assets/**'
DEBUG org.springframework.security.web.FilterChainProxy - /assets/angular/http-auth-interceptor.js?compile=false has an empty filter list
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/tutorapp/core/tutorapp.core.js'; against '/assets/**'
DEBUG org.springframework.security.web.FilterChainProxy - /assets/tutorapp/core/tutorapp.core.js?compile=false has an empty filter list
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/tutorapp/index/services/applicationdatafactory.js'; against '/assets/**'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/tutorapp/index/tutorapp.index.js'; against '/assets/**'
DEBUG org.springframework.security.web.FilterChainProxy - /assets/tutorapp/index/services/applicationDataFactory.js?compile=false has an empty filter list
DEBUG org.springframework.security.web.FilterChainProxy - /assets/tutorapp/index/tutorapp.index.js?compile=false has an empty filter list
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/tutorapp/core/services/domainservicefactory.js'; against '/assets/**'
DEBUG org.springframework.security.web.FilterChainProxy - /assets/tutorapp/core/services/DomainServiceFactory.js?compile=false has an empty filter list
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/tutorapp/index/controllers/indexcontroller.js'; against '/assets/**'
DEBUG org.springframework.security.web.FilterChainProxy - /assets/tutorapp/index/controllers/indexController.js?compile=false has an empty filter list
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/tutorapp/lesson/controllers/lessoncontroller.js'; against '/assets/**'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/tutorapp/lesson/tutorapp.lesson.js'; against '/assets/**'
DEBUG org.springframework.security.web.FilterChainProxy - /assets/tutorapp/lesson/controllers/lessonController.js?compile=false has an empty filter list
DEBUG org.springframework.security.web.FilterChainProxy - /assets/tutorapp/lesson/tutorapp.lesson.js?compile=false has an empty filter list
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/angular/ui-bootstrap-tpls.js'; against '/assets/**'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/tutorapp/lesson/domain/lesson.js'; against '/assets/**'
DEBUG org.springframework.security.web.FilterChainProxy - /assets/angular/ui-bootstrap-tpls.js?compile=false has an empty filter list
DEBUG org.springframework.security.web.FilterChainProxy - /assets/tutorapp/lesson/domain/Lesson.js?compile=false has an empty filter list
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/tutorapp/lesson/templates/list.js'; against '/assets/**'
DEBUG org.springframework.security.web.FilterChainProxy - /assets/tutorapp/lesson/templates/list.js?compile=false has an empty filter list
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/tutorapp/authentication/controllers/authcontroller.js'; against '/assets/**'
DEBUG org.springframework.security.web.FilterChainProxy - /assets/tutorapp/authentication/controllers/authController.js?compile=false has an empty filter list
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/tutorapp/tutorapp.js'; against '/assets/**'
DEBUG org.springframework.security.web.FilterChainProxy - /assets/tutorapp/tutorapp.js?compile=false has an empty filter list
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/tutorapp/authentication/tutorapp.authentication.js'; against '/assets/**'
DEBUG org.springframework.security.web.FilterChainProxy - /assets/tutorapp/authentication/tutorapp.authentication.js?compile=false has an empty filter list
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/bootstrap/bootstrap.css.map'; against '/assets/**'
DEBUG org.springframework.security.web.FilterChainProxy - /assets/bootstrap/bootstrap.css.map has an empty filter list
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/assets/spinner.gif'; against '/assets/**'
DEBUG org.springframework.security.web.FilterChainProxy - /assets/spinner.gif has an empty filter list
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/api/login'; against '/assets/**'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/api/login'; against '/**/js/**'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/api/login'; against '/**/css/**'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/api/login'; against '/**/images/**'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/api/login'; against '/**/favicon.ico'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/api/login'; against '/api/**'
DEBUG org.springframework.security.web.FilterChainProxy - /api/login at position 1 of 7 in additional filter chain; firing Filter: 'SecurityRequestHolderFilter'
DEBUG org.springframework.security.web.FilterChainProxy - /api/login at position 2 of 7 in additional filter chain; firing Filter: 'MutableLogoutFilter'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/api/login'; against '/logoff'
DEBUG org.springframework.security.web.FilterChainProxy - /api/login at position 3 of 7 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
DEBUG grails.plugin.springsecurity.rest.RestAuthenticationFilter - Actual URI is /api/login; endpoint URL is /api/login
DEBUG grails.plugin.springsecurity.rest.RestAuthenticationFilter - Applying authentication filter to this request
DEBUG grails.plugin.springsecurity.rest.credentials.DefaultJsonPayloadCredentialsExtractor - Extracted credentials from JSON payload. Username: test, password: [PROTECTED]
DEBUG grails.plugin.springsecurity.rest.RestAuthenticationFilter - Trying to authenticate the request
DEBUG org.springframework.security.authentication.ProviderManager - Authentication attempt using org.springframework.security.authentication.dao.DaoAuthenticationProvider
DEBUG org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl - getReachableGrantedAuthorities() - From the roles [ROLE_USER] one can reach [ROLE_USER] in zero or more steps.
DEBUG grails.plugin.springsecurity.rest.RestAuthenticationFilter - Request authenticated. Storing the authentication result in the security context
DEBUG grails.plugin.springsecurity.rest.RestAuthenticationFilter - Authentication result: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@442bf5c6: Principal: grails.plugin.springsecurity.userdetails.GrailsUser@364492: Username: test; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_USER; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_USER
DEBUG grails.plugin.springsecurity.rest.token.generation.jwt.AbstractJwtTokenGenerator - Generating an access token with default expiration: 3600
DEBUG grails.plugin.springsecurity.rest.token.generation.jwt.AbstractJwtTokenGenerator - Serializing the principal received
DEBUG grails.plugin.springsecurity.rest.token.generation.jwt.AbstractJwtTokenGenerator - Setting expiration to 3600
DEBUG grails.plugin.springsecurity.rest.token.generation.jwt.AbstractJwtTokenGenerator - Generated claim set: {"principal":"H4sIAAAAAAAAAJVSPU8cMRCdPQ4BQiIQKUgU0ABdtCeR8qqADiS0AsRxDUhEvt1hY\/DaG9sLdw26CgoKEB8SEn+Bf5I0+QERFLTUtBkvHHtJg3Blj5\/fe\/PGt4\/QbzR8iTXjwvipyGIufZNqLmODYaa5bfuZQR2hzRFLObBBFXheXgm8AEo8svAx2GX7rCKYjCurzV0MbbWlYU7p+IVxR7MED5Te81+5Q6XxH4GC2jsrwcAmjLEwVJm0K0rWWinXGG3CaFELVLjnSp9CukFpOROmFzqAkjUFRgEMs8x+V6TK0Vj48Gw2s1xU6mirAQymzBhy918ndeusu3tnU1IHP+AQyq3Uo0XZzTqo73j8BSUEdc2VNDMNmaiI73AnTvydyfPfpzedRgmAMvn89puiPjEPnZ\/bT1N50F5oYbzHegGrtlJyM1Ywb2h0yn+u1y6uHo+3+kjZIRbfP4+Zry\/JtRdUkjLNrOqZEdEelN2eyOffJu9Ooe3XeZIKpB8lLUavEgUxtVvWSnTztjC0vhrUvjXqtXV3KluaI2mO5C27WfmBokmdPJz9Op2+o\/fL0L\/PRIaU+GgBWsmSJuqj26vJ4cv7k9x\/9y\/\/BWSQFi0PAwAA","sub":"test","roles":["ROLE_USER"],"exp":1463879104,"iat":1463875504}
DEBUG grails.plugin.springsecurity.rest.token.generation.jwt.AbstractJwtTokenGenerator - Generating access token...
DEBUG grails.plugin.springsecurity.rest.token.generation.jwt.AbstractJwtTokenGenerator - Generating refresh token...
DEBUG grails.plugin.springsecurity.rest.token.generation.jwt.AbstractJwtTokenGenerator - Setting expiration to 3600
DEBUG grails.plugin.springsecurity.rest.token.generation.jwt.AbstractJwtTokenGenerator - Generated claim set: {"principal":"H4sIAAAAAAAAAJVSPU8cMRCdPQ4BQiIQKUgU0ABdtCeR8qqADiS0AsRxDUhEvt1hY\/DaG9sLdw26CgoKEB8SEn+Bf5I0+QERFLTUtBkvHHtJg3Blj5\/fe\/PGt4\/QbzR8iTXjwvipyGIufZNqLmODYaa5bfuZQR2hzRFLObBBFXheXgm8AEo8svAx2GX7rCKYjCurzV0MbbWlYU7p+IVxR7MED5Te81+5Q6XxH4GC2jsrwcAmjLEwVJm0K0rWWinXGG3CaFELVLjnSp9CukFpOROmFzqAkjUFRgEMs8x+V6TK0Vj48Gw2s1xU6mirAQymzBhy918ndeusu3tnU1IHP+AQyq3Uo0XZzTqo73j8BSUEdc2VNDMNmaiI73AnTvydyfPfpzedRgmAMvn89puiPjEPnZ\/bT1N50F5oYbzHegGrtlJyM1Ywb2h0yn+u1y6uHo+3+kjZIRbfP4+Zry\/JtRdUkjLNrOqZEdEelN2eyOffJu9Ooe3XeZIKpB8lLUavEgUxtVvWSnTztjC0vhrUvjXqtXV3KluaI2mO5C27WfmBokmdPJz9Op2+o\/fL0L\/PRIaU+GgBWsmSJuqj26vJ4cv7k9x\/9y\/\/BWSQFi0PAwAA","sub":"test","roles":["ROLE_USER"],"exp":1463879104,"iat":1463875504}
DEBUG grails.plugin.springsecurity.rest.RestAuthenticationFilter - Generated token: grails.plugin.springsecurity.rest.token.AccessToken(accessToken:eyJhbGciOiJIUzI1NiJ9.eyJwcmluY2lwYWwiOiJINHNJQUFBQUFBQUFBSlZTUFU4Y01SQ2RQUTRCUWlJUUtVZ1UwQUJkdENlUjhxcUFEaVMwQXNSeERVaEV2dDFoWVwvRGFHOXNMZHcyNkNnb0tFQjhTRW4rQmY1STArUUVSRkxUVXRCa3ZISHRKZzNCbGo1XC9mZVwvUEd0NFwvUWJ6UjhpVFhqd3ZpcHlHSXVmWk5xTG1PRFlhYTViZnVaUVIyaHpSRkxPYkJCRlhoZVhnbThBRW84c3ZBeDJHWDdyQ0tZakN1cnpWME1iYldsWVU3cCtJVnhSN01FRDVUZTgxKzVRNlh4SDRHQzJqc3J3Y0FtakxFd1ZKbTBLMHJXV2luWEdHM0NhRkVMVkxqblNwOUN1a0ZwT1JPbUZ6cUFralVGUmdFTXM4eCtWNlRLMFZqNDhHdzJzMXhVNm1pckFReW16Qmh5OTE4bmRldXN1M3RuVTFJSFArQVF5cTNVbzBYWnpUcW83M2o4QlNVRWRjMlZORE1ObWFpSTczQW5UdnlkeWZQZnB6ZWRSZ21BTXZuODlwdWlQakVQblpcL2JUMU41MEY1b1liekhlZ0dydGxKeU0xWXdiMmgweW4rdTF5NnVIbyszK2tqWklSYmZQNCtacnlcL0p0UmRVa2pMTnJPcVpFZEVlbE4yZXlPZmZKdTlPb2UzWGVaSUtwQjhsTFVhdkVnVXh0VnZXU25UenRqQzB2aHJVdmpYcXRYVjNLbHVhSTJtTzVDMjdXZm1Cb2ttZFBKejlPcDIrb1wvZkwwTFwvUFJJYVUrR2dCV3NtU0p1cWoyNnZKNGN2N2s5eFwvOXlcL1wvQldTUUZpMFBBd0FBIiwic3ViIjoidGVzdCIsInJvbGVzIjpbIlJPTEVfVVNFUiJdLCJleHAiOjE0NjM4NzkxMDQsImlhdCI6MTQ2Mzg3NTUwNH0.ULg0BUuC_yi44-cdU1rXAJ8ls8Btpwtuobd1mI8top8, expiration:3600, refreshToken:eyJhbGciOiJIUzI1NiJ9.eyJwcmluY2lwYWwiOiJINHNJQUFBQUFBQUFBSlZTUFU4Y01SQ2RQUTRCUWlJUUtVZ1UwQUJkdENlUjhxcUFEaVMwQXNSeERVaEV2dDFoWVwvRGFHOXNMZHcyNkNnb0tFQjhTRW4rQmY1STArUUVSRkxUVXRCa3ZISHRKZzNCbGo1XC9mZVwvUEd0NFwvUWJ6UjhpVFhqd3ZpcHlHSXVmWk5xTG1PRFlhYTViZnVaUVIyaHpSRkxPYkJCRlhoZVhnbThBRW84c3ZBeDJHWDdyQ0tZakN1cnpWME1iYldsWVU3cCtJVnhSN01FRDVUZTgxKzVRNlh4SDRHQzJqc3J3Y0FtakxFd1ZKbTBLMHJXV2luWEdHM0NhRkVMVkxqblNwOUN1a0ZwT1JPbUZ6cUFralVGUmdFTXM4eCtWNlRLMFZqNDhHdzJzMXhVNm1pckFReW16Qmh5OTE4bmRldXN1M3RuVTFJSFArQVF5cTNVbzBYWnpUcW83M2o4QlNVRWRjMlZORE1ObWFpSTczQW5UdnlkeWZQZnB6ZWRSZ21BTXZuODlwdWlQakVQblpcL2JUMU41MEY1b1liekhlZ0dydGxKeU0xWXdiMmgweW4rdTF5NnVIbyszK2tqWklSYmZQNCtacnlcL0p0UmRVa2pMTnJPcVpFZEVlbE4yZXlPZmZKdTlPb2UzWGVaSUtwQjhsTFVhdkVnVXh0VnZXU25UenRqQzB2aHJVdmpYcXRYVjNLbHVhSTJtTzVDMjdXZm1Cb2ttZFBKejlPcDIrb1wvZkwwTFwvUFJJYVUrR2dCV3NtU0p1cWoyNnZKNGN2N2s5eFwvOXlcL1wvQldTUUZpMFBBd0FBIiwic3ViIjoidGVzdCIsInJvbGVzIjpbIlJPTEVfVVNFUiJdLCJpYXQiOjE0NjM4NzU1MDR9.cyFgeZC3mx4zfZvjKMib-zDPqSUi1hx_5MNZUWSDIX4, principal:grails.plugin.springsecurity.userdetails.GrailsUser@364492: Username: test; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_USER, super:grails.plugin.springsecurity.rest.token.AccessToken@442b46a2: Principal: grails.plugin.springsecurity.userdetails.GrailsUser@364492: Username: test; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ROLE_USER; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_USER)
DEBUG grails.plugin.springsecurity.rest.token.storage.jwt.JwtTokenStorageService - Nothing to store as this is a stateless implementation
DEBUG grails.plugin.springsecurity.rest.token.rendering.DefaultAccessTokenJsonRenderer - Generated JSON:
{
   "access_token": "eyJhbGciOiJIUzI1NiJ9.eyJwcmluY2lwYWwiOiJINHNJQUFBQUFBQUFBSlZTUFU4Y01SQ2RQUTRCUWlJUUtVZ1UwQUJkdENlUjhxcUFEaVMwQXNSeERVaEV2dDFoWVwvRGFHOXNMZHcyNkNnb0tFQjhTRW4rQmY1STArUUVSRkxUVXRCa3ZISHRKZzNCbGo1XC9mZVwvUEd0NFwvUWJ6UjhpVFhqd3ZpcHlHSXVmWk5xTG1PRFlhYTViZnVaUVIyaHpSRkxPYkJCRlhoZVhnbThBRW84c3ZBeDJHWDdyQ0tZakN1cnpWME1iYldsWVU3cCtJVnhSN01FRDVUZTgxKzVRNlh4SDRHQzJqc3J3Y0FtakxFd1ZKbTBLMHJXV2luWEdHM0NhRkVMVkxqblNwOUN1a0ZwT1JPbUZ6cUFralVGUmdFTXM4eCtWNlRLMFZqNDhHdzJzMXhVNm1pckFReW16Qmh5OTE4bmRldXN1M3RuVTFJSFArQVF5cTNVbzBYWnpUcW83M2o4QlNVRWRjMlZORE1ObWFpSTczQW5UdnlkeWZQZnB6ZWRSZ21BTXZuODlwdWlQakVQblpcL2JUMU41MEY1b1liekhlZ0dydGxKeU0xWXdiMmgweW4rdTF5NnVIbyszK2tqWklSYmZQNCtacnlcL0p0UmRVa2pMTnJPcVpFZEVlbE4yZXlPZmZKdTlPb2UzWGVaSUtwQjhsTFVhdkVnVXh0VnZXU25UenRqQzB2aHJVdmpYcXRYVjNLbHVhSTJtTzVDMjdXZm1Cb2ttZFBKejlPcDIrb1wvZkwwTFwvUFJJYVUrR2dCV3NtU0p1cWoyNnZKNGN2N2s5eFwvOXlcL1wvQldTUUZpMFBBd0FBIiwic3ViIjoidGVzdCIsInJvbGVzIjpbIlJPTEVfVVNFUiJdLCJleHAiOjE0NjM4NzkxMDQsImlhdCI6MTQ2Mzg3NTUwNH0.ULg0BUuC_yi44-cdU1rXAJ8ls8Btpwtuobd1mI8top8",
   "refresh_token": "eyJhbGciOiJIUzI1NiJ9.eyJwcmluY2lwYWwiOiJINHNJQUFBQUFBQUFBSlZTUFU4Y01SQ2RQUTRCUWlJUUtVZ1UwQUJkdENlUjhxcUFEaVMwQXNSeERVaEV2dDFoWVwvRGFHOXNMZHcyNkNnb0tFQjhTRW4rQmY1STArUUVSRkxUVXRCa3ZISHRKZzNCbGo1XC9mZVwvUEd0NFwvUWJ6UjhpVFhqd3ZpcHlHSXVmWk5xTG1PRFlhYTViZnVaUVIyaHpSRkxPYkJCRlhoZVhnbThBRW84c3ZBeDJHWDdyQ0tZakN1cnpWME1iYldsWVU3cCtJVnhSN01FRDVUZTgxKzVRNlh4SDRHQzJqc3J3Y0FtakxFd1ZKbTBLMHJXV2luWEdHM0NhRkVMVkxqblNwOUN1a0ZwT1JPbUZ6cUFralVGUmdFTXM4eCtWNlRLMFZqNDhHdzJzMXhVNm1pckFReW16Qmh5OTE4bmRldXN1M3RuVTFJSFArQVF5cTNVbzBYWnpUcW83M2o4QlNVRWRjMlZORE1ObWFpSTczQW5UdnlkeWZQZnB6ZWRSZ21BTXZuODlwdWlQakVQblpcL2JUMU41MEY1b1liekhlZ0dydGxKeU0xWXdiMmgweW4rdTF5NnVIbyszK2tqWklSYmZQNCtacnlcL0p0UmRVa2pMTnJPcVpFZEVlbE4yZXlPZmZKdTlPb2UzWGVaSUtwQjhsTFVhdkVnVXh0VnZXU25UenRqQzB2aHJVdmpYcXRYVjNLbHVhSTJtTzVDMjdXZm1Cb2ttZFBKejlPcDIrb1wvZkwwTFwvUFJJYVUrR2dCV3NtU0p1cWoyNnZKNGN2N2s5eFwvOXlcL1wvQldTUUZpMFBBd0FBIiwic3ViIjoidGVzdCIsInJvbGVzIjpbIlJPTEVfVVNFUiJdLCJpYXQiOjE0NjM4NzU1MDR9.cyFgeZC3mx4zfZvjKMib-zDPqSUi1hx_5MNZUWSDIX4",
   "roles": ["ROLE_USER"],
   "token_type": "Bearer",
   "expires_in": 3600,
   "username": "test"
}
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/api/lessons'; against '/assets/**'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/api/lessons'; against '/**/js/**'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/api/lessons'; against '/**/css/**'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/api/lessons'; against '/**/images/**'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/api/lessons'; against '/**/favicon.ico'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/api/lessons'; against '/api/**'
DEBUG org.springframework.security.web.FilterChainProxy - /api/lessons at position 1 of 7 in additional filter chain; firing Filter: 'SecurityRequestHolderFilter'
DEBUG org.springframework.security.web.FilterChainProxy - /api/lessons at position 2 of 7 in additional filter chain; firing Filter: 'MutableLogoutFilter'
DEBUG org.springframework.security.web.util.matcher.AntPathRequestMatcher - Checking match of request : '/api/lessons'; against '/logoff'
DEBUG org.springframework.security.web.FilterChainProxy - /api/lessons at position 3 of 7 in additional filter chain; firing Filter: 'RestAuthenticationFilter'
DEBUG grails.plugin.springsecurity.rest.RestAuthenticationFilter - Actual URI is /api/lessons; endpoint URL is /api/login
DEBUG org.springframework.security.web.FilterChainProxy - /api/lessons at position 4 of 7 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
DEBUG org.springframework.security.web.FilterChainProxy - /api/lessons at position 5 of 7 in additional filter chain; firing Filter: 'RestTokenValidationFilter'
DEBUG grails.plugin.springsecurity.rest.token.bearer.BearerTokenReader - Looking for bearer token in Authorization header, query string or Form-Encoded body parameter
DEBUG grails.plugin.springsecurity.rest.token.bearer.BearerTokenReader - Found bearer token in Authorization header
DEBUG grails.plugin.springsecurity.rest.token.bearer.BearerTokenReader - Token: eyJhbGciOiJIUzI1NiJ9.eyJwcmluY2lwYWwiOiJINHNJQUFBQUFBQUFBSlZTUFU4Y01SQ2RQUTRCUWlJUUtVZ1UwQUJkdENlUjhxcUFEaVMwQXNSeERVaEV2dDFoWVwvRGFHOXNMZHcyNkNnb0tFQjhTRW4rQmY1STArUUVSRkxUVXRCa3ZISHRKZzNCbGo1XC9mZVwvUEd0NFwvUWJ6UjhpVFhqd3ZpcHlHSXVmWk5xTG1PRFlhYTViZnVaUVIyaHpSRkxPYkJCRlhoZVhnbThBRW84c3ZBeDJHWDdyQ0tZakN1cnpWME1iYldsWVU3cCtJVnhSN01FRDVUZTgxKzVRNlh4SDRHQzJqc3J3Y0FtakxFd1ZKbTBLMHJXV2luWEdHM0NhRkVMVkxqblNwOUN1a0ZwT1JPbUZ6cUFralVGUmdFTXM4eCtWNlRLMFZqNDhHdzJzMXhVNm1pckFReW16Qmh5OTE4bmRldXN1M3RuVTFJSFArQVF5cTNVbzBYWnpUcW83M2o4QlNVRWRjMlZORE1ObWFpSTczQW5UdnlkeWZQZnB6ZWRSZ21BTXZuODlwdWlQakVQblpcL2JUMU41MEY1b1liekhlZ0dydGxKeU0xWXdiMmgweW4rdTF5NnVIbyszK2tqWklSYmZQNCtacnlcL0p0UmRVa2pMTnJPcVpFZEVlbE4yZXlPZmZKdTlPb2UzWGVaSUtwQjhsTFVhdkVnVXh0VnZXU25UenRqQzB2aHJVdmpYcXRYVjNLbHVhSTJtTzVDMjdXZm1Cb2ttZFBKejlPcDIrb1wvZkwwTFwvUFJJYVUrR2dCV3NtU0p1cWoyNnZKNGN2N2s5eFwvOXlcL1wvQldTUUZpMFBBd0FBIiwic3ViIjoidGVzdCIsInJvbGVzIjpbIlJPTEVfVVNFUiJdLCJleHAiOjE0NjM4MjUwNzQsImlhdCI6MTQ2MzgyMTQ3NH0.QfbJEHCAqifsmfmw5_a0AeI-KOexk7Hpv1QzIF5BrHs
DEBUG grails.plugin.springsecurity.rest.RestTokenValidationFilter - Token found: eyJhbGciOiJIUzI1NiJ9.eyJwcmluY2lwYWwiOiJINHNJQUFBQUFBQUFBSlZTUFU4Y01SQ2RQUTRCUWlJUUtVZ1UwQUJkdENlUjhxcUFEaVMwQXNSeERVaEV2dDFoWVwvRGFHOXNMZHcyNkNnb0tFQjhTRW4rQmY1STArUUVSRkxUVXRCa3ZISHRKZzNCbGo1XC9mZVwvUEd0NFwvUWJ6UjhpVFhqd3ZpcHlHSXVmWk5xTG1PRFlhYTViZnVaUVIyaHpSRkxPYkJCRlhoZVhnbThBRW84c3ZBeDJHWDdyQ0tZakN1cnpWME1iYldsWVU3cCtJVnhSN01FRDVUZTgxKzVRNlh4SDRHQzJqc3J3Y0FtakxFd1ZKbTBLMHJXV2luWEdHM0NhRkVMVkxqblNwOUN1a0ZwT1JPbUZ6cUFralVGUmdFTXM4eCtWNlRLMFZqNDhHdzJzMXhVNm1pckFReW16Qmh5OTE4bmRldXN1M3RuVTFJSFArQVF5cTNVbzBYWnpUcW83M2o4QlNVRWRjMlZORE1ObWFpSTczQW5UdnlkeWZQZnB6ZWRSZ21BTXZuODlwdWlQakVQblpcL2JUMU41MEY1b1liekhlZ0dydGxKeU0xWXdiMmgweW4rdTF5NnVIbyszK2tqWklSYmZQNCtacnlcL0p0UmRVa2pMTnJPcVpFZEVlbE4yZXlPZmZKdTlPb2UzWGVaSUtwQjhsTFVhdkVnVXh0VnZXU25UenRqQzB2aHJVdmpYcXRYVjNLbHVhSTJtTzVDMjdXZm1Cb2ttZFBKejlPcDIrb1wvZkwwTFwvUFJJYVUrR2dCV3NtU0p1cWoyNnZKNGN2N2s5eFwvOXlcL1wvQldTUUZpMFBBd0FBIiwic3ViIjoidGVzdCIsInJvbGVzIjpbIlJPTEVfVVNFUiJdLCJleHAiOjE0NjM4MjUwNzQsImlhdCI6MTQ2MzgyMTQ3NH0.QfbJEHCAqifsmfmw5_a0AeI-KOexk7Hpv1QzIF5BrHs
DEBUG grails.plugin.springsecurity.rest.RestTokenValidationFilter - Trying to authenticate the token
DEBUG grails.plugin.springsecurity.rest.RestAuthenticationProvider - Use JWT: true
DEBUG grails.plugin.springsecurity.rest.RestAuthenticationProvider - Trying to validate token eyJhbGciOiJIUzI1NiJ9.eyJwcmluY2lwYWwiOiJINHNJQUFBQUFBQUFBSlZTUFU4Y01SQ2RQUTRCUWlJUUtVZ1UwQUJkdENlUjhxcUFEaVMwQXNSeERVaEV2dDFoWVwvRGFHOXNMZHcyNkNnb0tFQjhTRW4rQmY1STArUUVSRkxUVXRCa3ZISHRKZzNCbGo1XC9mZVwvUEd0NFwvUWJ6UjhpVFhqd3ZpcHlHSXVmWk5xTG1PRFlhYTViZnVaUVIyaHpSRkxPYkJCRlhoZVhnbThBRW84c3ZBeDJHWDdyQ0tZakN1cnpWME1iYldsWVU3cCtJVnhSN01FRDVUZTgxKzVRNlh4SDRHQzJqc3J3Y0FtakxFd1ZKbTBLMHJXV2luWEdHM0NhRkVMVkxqblNwOUN1a0ZwT1JPbUZ6cUFralVGUmdFTXM4eCtWNlRLMFZqNDhHdzJzMXhVNm1pckFReW16Qmh5OTE4bmRldXN1M3RuVTFJSFArQVF5cTNVbzBYWnpUcW83M2o4QlNVRWRjMlZORE1ObWFpSTczQW5UdnlkeWZQZnB6ZWRSZ21BTXZuODlwdWlQakVQblpcL2JUMU41MEY1b1liekhlZ0dydGxKeU0xWXdiMmgweW4rdTF5NnVIbyszK2tqWklSYmZQNCtacnlcL0p0UmRVa2pMTnJPcVpFZEVlbE4yZXlPZmZKdTlPb2UzWGVaSUtwQjhsTFVhdkVnVXh0VnZXU25UenRqQzB2aHJVdmpYcXRYVjNLbHVhSTJtTzVDMjdXZm1Cb2ttZFBKejlPcDIrb1wvZkwwTFwvUFJJYVUrR2dCV3NtU0p1cWoyNnZKNGN2N2s5eFwvOXlcL1wvQldTUUZpMFBBd0FBIiwic3ViIjoidGVzdCIsInJvbGVzIjpbIlJPTEVfVVNFUiJdLCJleHAiOjE0NjM4MjUwNzQsImlhdCI6MTQ2MzgyMTQ3NH0.QfbJEHCAqifsmfmw5_a0AeI-KOexk7Hpv1QzIF5BrHs
DEBUG grails.plugin.springsecurity.rest.RestTokenValidationFilter - Authentication failed: Token eyJhbGciOiJIUzI1NiJ9.eyJwcmluY2lwYWwiOiJINHNJQUFBQUFBQUFBSlZTUFU4Y01SQ2RQUTRCUWlJUUtVZ1UwQUJkdENlUjhxcUFEaVMwQXNSeERVaEV2dDFoWVwvRGFHOXNMZHcyNkNnb0tFQjhTRW4rQmY1STArUUVSRkxUVXRCa3ZISHRKZzNCbGo1XC9mZVwvUEd0NFwvUWJ6UjhpVFhqd3ZpcHlHSXVmWk5xTG1PRFlhYTViZnVaUVIyaHpSRkxPYkJCRlhoZVhnbThBRW84c3ZBeDJHWDdyQ0tZakN1cnpWME1iYldsWVU3cCtJVnhSN01FRDVUZTgxKzVRNlh4SDRHQzJqc3J3Y0FtakxFd1ZKbTBLMHJXV2luWEdHM0NhRkVMVkxqblNwOUN1a0ZwT1JPbUZ6cUFralVGUmdFTXM4eCtWNlRLMFZqNDhHdzJzMXhVNm1pckFReW16Qmh5OTE4bmRldXN1M3RuVTFJSFArQVF5cTNVbzBYWnpUcW83M2o4QlNVRWRjMlZORE1ObWFpSTczQW5UdnlkeWZQZnB6ZWRSZ21BTXZuODlwdWlQakVQblpcL2JUMU41MEY1b1liekhlZ0dydGxKeU0xWXdiMmgweW4rdTF5NnVIbyszK2tqWklSYmZQNCtacnlcL0p0UmRVa2pMTnJPcVpFZEVlbE4yZXlPZmZKdTlPb2UzWGVaSUtwQjhsTFVhdkVnVXh0VnZXU25UenRqQzB2aHJVdmpYcXRYVjNLbHVhSTJtTzVDMjdXZm1Cb2ttZFBKejlPcDIrb1wvZkwwTFwvUFJJYVUrR2dCV3NtU0p1cWoyNnZKNGN2N2s5eFwvOXlcL1wvQldTUUZpMFBBd0FBIiwic3ViIjoidGVzdCIsInJvbGVzIjpbIlJPTEVfVVNFUiJdLCJleHAiOjE0NjM4MjUwNzQsImlhdCI6MTQ2MzgyMTQ3NH0.QfbJEHCAqifsmfmw5_a0AeI-KOexk7Hpv1QzIF5BrHs has expired
DEBUG grails.plugin.springsecurity.rest.token.bearer.BearerTokenReader - Looking for bearer token in Authorization header, query string or Form-Encoded body parameter
DEBUG grails.plugin.springsecurity.rest.token.bearer.BearerTokenReader - Found bearer token in Authorization header
DEBUG grails.plugin.springsecurity.rest.token.bearer.BearerTokenReader - Token: eyJhbGciOiJIUzI1NiJ9.eyJwcmluY2lwYWwiOiJINHNJQUFBQUFBQUFBSlZTUFU4Y01SQ2RQUTRCUWlJUUtVZ1UwQUJkdENlUjhxcUFEaVMwQXNSeERVaEV2dDFoWVwvRGFHOXNMZHcyNkNnb0tFQjhTRW4rQmY1STArUUVSRkxUVXRCa3ZISHRKZzNCbGo1XC9mZVwvUEd0NFwvUWJ6UjhpVFhqd3ZpcHlHSXVmWk5xTG1PRFlhYTViZnVaUVIyaHpSRkxPYkJCRlhoZVhnbThBRW84c3ZBeDJHWDdyQ0tZakN1cnpWME1iYldsWVU3cCtJVnhSN01FRDVUZTgxKzVRNlh4SDRHQzJqc3J3Y0FtakxFd1ZKbTBLMHJXV2luWEdHM0NhRkVMVkxqblNwOUN1a0ZwT1JPbUZ6cUFralVGUmdFTXM4eCtWNlRLMFZqNDhHdzJzMXhVNm1pckFReW16Qmh5OTE4bmRldXN1M3RuVTFJSFArQVF5cTNVbzBYWnpUcW83M2o4QlNVRWRjMlZORE1ObWFpSTczQW5UdnlkeWZQZnB6ZWRSZ21BTXZuODlwdWlQakVQblpcL2JUMU41MEY1b1liekhlZ0dydGxKeU0xWXdiMmgweW4rdTF5NnVIbyszK2tqWklSYmZQNCtacnlcL0p0UmRVa2pMTnJPcVpFZEVlbE4yZXlPZmZKdTlPb2UzWGVaSUtwQjhsTFVhdkVnVXh0VnZXU25UenRqQzB2aHJVdmpYcXRYVjNLbHVhSTJtTzVDMjdXZm1Cb2ttZFBKejlPcDIrb1wvZkwwTFwvUFJJYVUrR2dCV3NtU0p1cWoyNnZKNGN2N2s5eFwvOXlcL1wvQldTUUZpMFBBd0FBIiwic3ViIjoidGVzdCIsInJvbGVzIjpbIlJPTEVfVVNFUiJdLCJleHAiOjE0NjM4MjUwNzQsImlhdCI6MTQ2MzgyMTQ3NH0.QfbJEHCAqifsmfmw5_a0AeI-KOexk7Hpv1QzIF5BrHs
DEBUG grails.plugin.springsecurity.rest.token.bearer.BearerTokenAuthenticationFailureHandler - Sending status code 401 and header WWW-Authenticate: Bearer error="invalid_token"
4

1 回答 1

0

我的 angularJS 代码没有正确更新 localStorage。所以它总是在请求上附加错误的令牌。固定的。

于 2016-05-22T02:35:24.387 回答