
How to assert an OAM token in Helidon using OIDC?

I am trying to assert an OAM token but I get the error shown below. I tried asserting an IDCS token and it works fine.

Exception in thread "main" io.helidon.common.Errors$ErrorMessagesException: [FATAL: Failed to load metadata: io.helidon.common.configurable.ResourceException: Failed to open stream to uri: https://{{OAM_host}}:{{port}}/.well-known/openid-configuration at io.helidon.common.configurable.ResourceException: Failed to open stream to uri: https://{{OAM_host}}:{{port}}/.well-known/openid-configuration, FATAL: When token_endpoint is not explicitly defined, the OIDC metadata must exist at class io.helidon.security.providers.oidc.common.OidcConfig$Builder, FATAL: When authorization_endpoint is not explicitly defined, the OIDC metadata must exist at class io.helidon.security.providers.oidc.common.OidcConfig$Builder, FATAL: When jwks_uri is not explicitly defined, the OIDC metadata must exist at class io.helidon.security.providers.oidc.common.OidcConfig$Builder]

And I added the OAM details in application.properties:

providers:
    - abac:
    - oidc:
        client-id: "${ALIAS=security.properties.client-id}"
        client-secret: "${ALIAS=security.properties.client-secret}"
        identity-uri: "${ALIAS=security.properties.uri}"
        # A prefix used for custom scopes
        scope-audience: "${ALIAS=security.properties.scope-audience}"
        audience: "${ALIAS=security.properties.audience}"
        proxy-host: "${ALIAS=security.properties.proxy-host}"
        frontend-uri: "${ALIAS=security.properties.frontend-uri}"
        cookie-name: "OIDC_SESSION"
        cookie-same-site: "Lax"
        header-use: true
        redirect: false

Am I missing something here?


1 Answer


If you look at your exception, it states that the endpoint is invalid:

https://{{OAM_host}}:{{port}}/.well-known/openid-configuration

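This means your configuration contains {{OAM_host}} and {{port}} - these placeholders are not replaced by Helidon config.

In Helidon 1.x, you can use ${ALIAS=key} to reference a key

Since Helidon 2.0.0-M2, you can use ${key} to reference a key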

Answered on 2020-04-01T10:59:58.250
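A pre-flight check for the failure described in the answer above, as an added example that is not part of the original post and not Helidon's own code: it inspects the resolved identity-uri value for template tokens that no configuration layer replaced before the OIDC provider tries to fetch metadata from it. It goes slightly beyond the case in the question by also flagging leftover `${...}` references and a non-https or host-less URI; the class name `IdentityUriCheck` and the host `oam.example.test` are hypothetical.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class IdentityUriCheck {   // hypothetical helper, not a Helidon class
    // Template tokens that no config layer resolved: {{name}} or ${name}
    private static final Pattern UNRESOLVED = Pattern.compile("\\{\\{[^}]*\\}\\}|\\$\\{[^}]*\\}");
    /** Returns the problems found in a resolved identity-uri value; an empty list means it is usable. */
    static List<String> problems(String identityUri) {
        List<String> out = new ArrayList<>();
        if (identityUri == null || identityUri.trim().isEmpty()) {
            out.add("identity-uri is empty");
            return out;
        }
        Matcher m = UNRESOLVED.matcher(identityUri);
        while (m.find()) {
            out.add("unresolved placeholder " + m.group());
        }
        if (!out.isEmpty()) {
            return out; // a URI that still holds template tokens cannot be parsed meaningfully
        }
        try {
            URI uri = new URI(identityUri);
            if (!"https".equalsIgnoreCase(uri.getScheme())) {
                out.add("scheme is not https: " + uri.getScheme());
            }
            if (uri.getHost() == null) {
                out.add("no host in URI");
            }
        } catch (URISyntaxException e) {
            out.add("not a valid URI: " + e.getReason());
        }
        return out;
    }
    public static void main(String[] args) {
        // Constructed sample values; the first mirrors the URI in the exception above.
        String[] samples = {"https://{{OAM_host}}:{{port}}", "${ALIAS=security.properties.uri}",
                            "http://oam.example.test:14100", "https://oam.example.test:14100"};
        for (String s : samples) {
            List<String> p = problems(s);
            System.out.println(s + " -> " + (p.isEmpty() ? "OK, metadata at " + s + "/.well-known/openid-configuration" : p));
        }
    }
}
```

Running the check on the value the application actually resolved, before the security provider is built, turns the stack of FATAL metadata errors into a single message naming the token that was never substituted.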