0

我正在尝试让 Spring 安全授权服务器为运行 mod_open_idc 的 Apache2 后面保护的资源工作。当我访问我的资源时,它会将我重定向到登录页面,但在我登录后,我会被重定向到显示处理响应类型错误的页面。如果我查看 apache 错误日志,它会说oidc_proto_validate_code_response: requested flow is "code" but no "id_token" parameter found in the code response。最后返回 url /redirect_uri?code=f0I4GB&state=DdA1Udo1lllEeed3V8LppkOtxPg。这是我的 apache 配置的相关部分

OIDCProviderIssuer https://URL:9999/uaa/oauth
OIDCProviderAuthorizationEndpoint https://URL:9999/uaa/oauth/authorize
OIDCProviderJwksUri https://URL:9999/uaa/oauth/token_key
OIDCProviderTokenEndpoint https://URL:9999/uaa/oauth/token
OIDCProviderUserInfoEndpoint https://URL:9999/uaa/user
OIDCScope "openid"

OIDCClientID revproxy
OIDCClientSecret revsecret
OIDCSSLValidateServer Off
OIDCCryptoPassphrase MyPassword
OIDCRedirectURI https://URL/home/redirect_uri

<Location "/home">
     AuthType openid-connect
     Require valid-user
     ProxyPass  https://URL:8443/
     ProxyPassReverse  https://URL:8443/
  </Location>

我也很高兴发布任何弹簧代码,我只是不知道哪些部分可能有问题。我也不知道我配置不正确的部分,我的直觉说 mod_auth_openidc,但它可能是春天。

4

1 回答 1

1

It seems that Spring is not configured for OpenID Connect but rather for OAuth 2.0 only. For OpenID Connect clients using the scope openid, the Provider is supposed to return an id_token. Apparently Spring is misconfigured or perhaps does not even support OpenID Connect.

于 2019-01-07T20:10:23.760 回答