带有Active Directory的Azure上的Spring OAuth2应用程序的重定向URL:无效的重定向URI参数 [英] Redirect URL for Spring OAuth2 app on Azure with Active Directory: Invalid Redirect URI Parameter
问题描述
我正在关注Azure文档的以下两个教程:https://docs.microsoft.com/zh-CN/azure/java/spring-framework/deploy-spring-boot-java-app-with-maven-plugin 其中显示了如何将简单的Spring Boot应用程序部署到Azure和
I am following the following two tutorials of the Azure documentation: https://docs.microsoft.com/en-us/azure/java/spring-framework/deploy-spring-boot-java-app-with-maven-plugin which shows how to deploy a simple Spring Boot application to Azure and https://docs.microsoft.com/en-us/azure/java/spring-framework/configure-spring-boot-starter-java-app-with-azure-active-directory to set up and use an active directory as OAuth2 server with a Spring Security OAuth2 Client. Basically I just add the OAuth2 dependencies to Maven, a WebSecurityConfig class as shown in the second document and additionally also the azure.activedirectoy and spring.security properties.
仅从我的本地计算机运行该应用程序时,登录和重定向工作正常.但是,当应用程序部署到Azure时,我收到一个应用程序错误消息:无效的重定向URI参数.我认为我已将redirect-uri正确设置为
When the application is just run from my local computer the login and redirection works fine. But when the application is deployed to Azure, I get an application error saying: Invalid Redirect URI Parameter. I think I have set the redirect-uri correctly as
https://{baseHost}{basePort}{basePath}/login/oauth2/code/azure
在应用程序属性以及在我的Active Directory中进行的应用程序注册中.
in the application properties as well as in the application registration with my Active Directory.
据我所见,授权请求使用了正确的参数:
As far as I can see the authorization request uses the right parameters:
response_type: code
client_id: 4b5fbcfd-c35f-4bab-bc45-374c7e1dead8
scope: openid https://graph.microsoft.com/user.read
state: yMvo62R-6vgjETSGr_mnh4iIMZimVnFYZRyiGFaOPtE=
redirect_uri: https://myappname.azurewebsites.net/login/oauth2/code/azure
nonce: FUXJ5GoJ2NuNVx2ORU70YCqnJkEj8FRYHEJYMutEQzo
那么,无效的重定向URI参数是什么,我该如何更改?
So, what could the Invalid Redirect URI Parameter be, and how can I change this?
推荐答案
我遵循了这两个教程,在本地环境下运行良好,在Azure webapp上,我遇到了重定向URL不匹配错误.
I followed these two tutorials, it works fine on local environment, on Azure webapp, I encountered redirect url mismatch error.
原因是redirect_uri始终以http开头.在Applications.properties中添加 server.forward-headers-strategy = native 之后,它就可以工作了.(我正在使用Spring Boot 2.2)
The cause is that the redirect_uri is always started with http. After adding server.forward-headers-strategy=native in applications.properties, it works. (I am using spring boot 2.2)
这是pom.xml供您参考.
Here is the pom.xml for your reference.
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.2.4.RELEASE</version>
<relativePath/>
<!-- lookup parent from repository -->
</parent>
<groupId>com.example.ad</groupId>
<artifactId>ad</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>ad</name>
<description>Demo project for Spring Boot</description>
<properties>
<java.version>1.8</java.version>
<azure.version>2.2.0</azure.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>azure-active-directory-spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>org.junit.vintage</groupId>
<artifactId>junit-vintage-engine</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-client</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-jose</artifactId>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>azure-spring-boot-bom</artifactId>
<version>${azure.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
<plugin>
<groupId>com.microsoft.azure</groupId>
<artifactId>azure-webapp-maven-plugin</artifactId>
<version>1.9.0</version>
<configuration>
<schemaVersion>V2</schemaVersion>
<resourceGroup>ad-1582615028467-rg</resourceGroup>
<appName>ad-1582615028467</appName>
<pricingTier>P1v2</pricingTier>
<region>westeurope</region>
<runtime>
<os>linux</os>
<javaVersion>jre8</javaVersion>
<webContainer>jre8</webContainer>
</runtime>
<appSettings>
<property>
<name>JAVA_OPTS</name>
<value>-Dserver.port=80</value>
</property>
</appSettings>
<deployment>
<resources>
<resource>
<directory>${project.basedir}/target</directory>
<includes>
<include>*.jar</include>
</includes>
</resource>
</resources>
</deployment>
</configuration>
</plugin>
</plugins>
</build>
</project>
这篇关于带有Active Directory的Azure上的Spring OAuth2应用程序的重定向URL:无效的重定向URI参数的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
