0

我尝试使用定义为 Oauth2ClientCredentials 的 CF 目标,其中身份验证服务器只需要用户/密码而不需要 clientid/clientsecret 来生成令牌。我在目标配置中有一个虚拟的客户端 ID 和客户端密码,因为它是强制性的,但它似乎只考虑了客户端 ID/密码,而不考虑令牌用户/密码。堆栈跟踪是:

com.sap.cloud.sdk.cloudplatform.connectivity.exception.DestinationAccessException: Failed to get authentication headers. Destination service returned error: unauthorized_client.
    at com.sap.cloud.sdk.cloudplatform.connectivity.ScpCfHttpDestinationPropertyFactory.getAuthTokenHeaders(ScpCfHttpDestinationPropertyFactory.java:376) ~[cloudplatform-connectivity-scp-cf-3.0.0.jar:na]
    at com.sap.cloud.sdk.cloudplatform.connectivity.ScpCfHttpDestinationPropertyFactory.getHeadersFromDestination(ScpCfHttpDestinationPropertyFactory.java:328) ~[cloudplatform-connectivity-scp-cf-3.0.0.jar:na]
    at com.sap.cloud.sdk.cloudplatform.connectivity.ScpCfHttpDestination.getHeaders(ScpCfHttpDestination.java:288) ~[cloudplatform-connectivity-scp-cf-3.0.0.jar:na]
    at com.sap.cloud.sdk.cloudplatform.connectivity.HttpClientWrapper.wrapRequest(HttpClientWrapper.java:86) ~[cloudplatform-connectivity-3.0.0.jar:na]
    at com.sap.cloud.sdk.cloudplatform.connectivity.HttpClientWrapper.execute(HttpClientWrapper.java:97) ~[cloudplatform-connectivity-3.0.0.jar:na]
    at com.demo.destinationtest.MainController.worksoft(MainController.java:111) ~[classes/:na]

调试器中的 ScpCfHttpDestination 值为:

ScpCfHttpDestination(destinationType=HTTP, name=test, description=test connection, propertiesByName=ScpCfDestination(destinationType=HTTP, name=test, description=test connection, propertiesByName=DefaultDestination(properties={tokenServiceURLType=Dedicated, clientId=dummy, Description=test connection, tokenServiceUser=mymail@domain.com, tokenServiceURL=http://domain/executionmanager/api/Token, URL=http://domain/executionmanager/api/Requests, Name=test, tokenServicePassword=(hidden), authTokens=[ScpCfDestinationServiceV1Response.DestinationAuthToken(type=, value=, error=unauthorized_client, expiresIn=0)], Type=HTTP, certificates=null, Authentication=OAuth2ClientCredentials, clientSecret=STOTest3, ProxyType=Internet})))

我有一个好的客户端密码/客户端 ID 的另一个目的地工作正常。

4

1 回答 1

0

Cloud Foundry 支持的唯一 OAUTH 目的地是客户端凭据,而不是密码流,因此这不是云 sdk 限制。

于 2019-09-25T13:29:53.350 回答