Spring OAuth 2.0 Client returns 401 Unauthorized after entering correct credentials


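Problem description

Here is my problem.

I am trying to integrate the Dexcom REST API with Spring Boot to get user health data.

The Dexcom API uses the OAuth2 flow.

When I click the /login link, the application redirects to the Dexcom API login page and asks the user for a username and password. If authentication succeeds, the Dexcom login page redirects to my application's redirect URI and sends an authorization code. Using this authorization code I need to get an access token from Dexcom, which I then use to fetch data with the Dexcom API. This is my project.

My problem is that after I successfully enter the username and password on the Dexcom login page, they are verified and I am redirected to my application with an authorization code like this:

http://localhost:8080/login?code=c956626ef691a1abe46bcc827a68ddfb&state=lJCK1p

But on the same page I get the error below:

Whitelabel Error Page
This application has no explicit mapping for /error, so you are seeing this as a fallback.

Tue Jun 08 20:52:24 IST 2021
There was an unexpected error (type=Unauthorized, status=401).

My code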

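package com.example.mystorageapp;

import java.io.IOException;
import java.util.Map;

import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
import org.springframework.http.ResponseEntity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.client.RestTemplate;

@RestController
@EnableWebSecurity
@EnableOAuth2Sso
public class Dexomapi extends WebSecurityConfigurerAdapter {

    //@SuppressWarnings("deprecation")

    // Controller mapped to /login, which is also the redirect URI registered with Dexcom
    @GetMapping(value = "/login")
    public Response get_auth(@RequestParam(value = "code", required = false) String code,
                             @RequestParam(value = "state") String state) throws IOException {
        RestTemplate ss = new RestTemplate();
        OkHttpClient client = new OkHttpClient();

        // Parameters for exchanging the authorization code for an access token
        String client1 = "client_secret=t2sI8N7eY3dW50GK&client_id=XXXXXXXX&code=" + code
                + "&grant_type=authorization_code&redirect_uri=http://localhost:8080/login";
        System.out.println(code);
        String data23 = "https://api.dexcom.com/v2/oauth2/token?" + client1;
        MediaType mediaType = MediaType.parse("application/x-www-form-urlencoded");
        // GET against the token endpoint with the parameters in the query string
        ResponseEntity<String> response1 = ss.getForEntity(data23, String.class);
        ObjectMapper mapper3 = new ObjectMapper();
        JsonNode root = mapper3.readTree(response1.getBody());
        System.out.println(root);
        // Manually converting the response body InputStream to APOD using Jackson
        ObjectMapper mapper = new ObjectMapper();

        // Finally we have the response
        //System.out.println(apod.title);
        // POST of the same parameters as a form body
        RequestBody body = RequestBody.create(mediaType, client1);
        Request request = new Request.Builder()
                .url("https://api.dexcom.com/v2/oauth2/token")
                .post(body)
                .addHeader("content-type", "application/x-www-form-urlencoded")
                .addHeader("cache-control", "no-cache")
                .build();
        ObjectMapper mapper1 = new ObjectMapper();
        Response response = client.newCall(request).execute();

        Map<String, Object> studentMap1 = mapper.convertValue(response, Map.class);
        System.out.println(studentMap1);
        return response;
    }

    @GetMapping("/")
    public String wow() {
        return "nice";
    }

    @Override
    public void configure(HttpSecurity http) throws Exception {
        // Only /index.html and /error are public; every other request requires authentication
        http.csrf().disable()
            .authorizeRequests()
            .antMatchers("/index.html", "/error").permitAll()
            .anyRequest().authenticated();
    }
}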

My redirect URI is /login

My dependencies

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-parent</artifactId>
    <version>2.4.5</version>
    <relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.example</groupId>
<artifactId>googleauth</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>dexcomapi</name>
<description>Demo project for Spring Boot</description>
<properties>
    <java.version>1.8</java.version>
</properties>
<dependencies>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-oauth2-client</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-security</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
    </dependency>

    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-test</artifactId>
        <scope>test</scope>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-test</artifactId>
        <scope>test</scope>
    </dependency>
    <dependency>
        <groupId>org.webjars</groupId>
        <artifactId>angularjs</artifactId>
        <version>1.4.3</version>
    </dependency>
    <dependency>
        <groupId>org.webjars</groupId>
        <artifactId>bootstrap</artifactId>
        <version>3.2.0</version>
    </dependency>
    <dependency>
        <groupId>org.webjars</groupId>
        <artifactId>jquery</artifactId>
        <version>2.1.1</version>
    </dependency>
    <!-- https://mvnrepository.com/artifact/org.webjars/webjars-locator -->
    <dependency>
        <groupId>org.webjars</groupId>
        <artifactId>webjars-locator</artifactId>
        <version>0.40</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.security.oauth</groupId>
        <artifactId>spring-security-oauth2</artifactId>
        <version>2.5.1.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.security.oauth.boot</groupId>
        <artifactId>spring-security-oauth2-autoconfigure</artifactId>
        <version>2.1.8.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>com.squareup.okhttp3</groupId>
        <artifactId>okhttp</artifactId>
    </dependency>
</dependencies>


<build>
    <plugins>
        <plugin>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-maven-plugin</artifactId>
        </plugin>
    </plugins>
</build>
</project>

My application.yml

    security:
      oauth2:
        client:
          clientId: Ncv8kRTLDnWM1oVeAuQRFFQugcBwIME2
          clientSecret: 2sI8N7eY3dW50GK
          accessTokenUri: https://api.dexcom.com/v2/oauth2/token
          userAuthorizationUri: https://api.dexcom.com/v2/oauth2/login
          tokenName: oauth_token
          authenticationScheme: header
          clientAuthenticationScheme: header
          scope: offline_access
        resource:
          userInfoUri: https://api.dexcom.com/v2/users/self/dataRange
 

My front-end code with AngularJS

<body ng-app="app" ng-controller="home as home">
  <h1>Login</h1>
  <div class="container" ng-show="!home.authenticated">
    With Fitbit: <a href="/login">click here</a>
  </div>
  <div class="container" ng-show="home.authenticated">
    Logged in as: <span ng-bind="home.user"></span><br />
    Lifetime Steps: <span ng-bind="home.lifetimeSteps"></span><br />
    Lifetime Distance: <span ng-bind="home.lifetimeDistance"></span><br />
    Lifetime Floors: <span ng-bind="home.lifetimeFloors"></span><br />
  </div>
  <script type="text/javascript" src="/webjars/angularjs/angular.min.js"></script>
  <script type="text/javascript">
    angular.module("app", []).controller("home", function($http) {
        var self = this;

        $http.get("/login").success(function(data) {
            self.user = data.userAuthentication.details.user.fullName;
            self.authenticated = true;
        }).error(function() {
            self.user = "N/A";
            self.authenticated = false;
        });

        $http.get("/loginDexcom").success(function(data) {
            self.lifetimeSteps = data.steps.toLocaleString();
            self.lifetimeFloors = data.floors.toLocaleString();
            self.lifetimeDistance = data.distance.toLocaleString();
        }).error(function() {
            self.lifetimeSteps = "N/A";
        });
    });
  </script>
</body>

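Thanks

Recommended answer

By explicitly setting the redirect URI to http://localhost:8080/login, you are overriding the default redirect URI, which is /login/oauth2/callback/{registrationId}

This URI is special because it prompts the OAuth2LoginAuthenticationFilter to process the request, attempt to authenticate the user and create the OAuth2AuthenticationToken

When you set the redirect URI to /login, the OAuth2LoginAuthenticationFilter is not invoked and the application does not know whether the user has been authenticated, resulting in a 401.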
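
A configuration that lets the filter handle the callback, as an added example that is not part of the original question or answer: it replaces the `Dexomapi` class with Spring Security 5.4's `oauth2Login()` (available through the `spring-boot-starter-oauth2-client` dependency in the pom) and leaves the redirect URI on the path that `OAuth2LoginAuthenticationFilter` matches by default, `/login/oauth2/code/*`. The registration id `dexcom`, the environment variable names and the user-name attribute placeholder are assumptions; the endpoint URLs and scope are the ones from the question.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.ClientAuthenticationMethod;

// Added example (not the asker's code): the framework owns the callback path.
@EnableWebSecurity
public class DexcomLoginConfig extends WebSecurityConfigurerAdapter {

    @Bean
    public ClientRegistrationRepository clientRegistrationRepository() {
        ClientRegistration dexcom = ClientRegistration.withRegistrationId("dexcom") // assumed id
            // Hypothetical variable names; reading them from the environment keeps
            // the client secret out of source control and out of application.yml.
            .clientId(System.getenv("DEXCOM_CLIENT_ID"))
            .clientSecret(System.getenv("DEXCOM_CLIENT_SECRET"))
            // Credentials go in the form body, as in the question's token request.
            // POST is the Spring Security 5.4 constant name.
            .clientAuthenticationMethod(ClientAuthenticationMethod.POST)
            .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
            // Resolves to http://localhost:8080/login/oauth2/code/dexcom locally.
            // The same URI must be registered with the provider.
            .redirectUri("{baseUrl}/login/oauth2/code/{registrationId}")
            .scope("offline_access")
            .authorizationUri("https://api.dexcom.com/v2/oauth2/login")
            .tokenUri("https://api.dexcom.com/v2/oauth2/token")
            .userInfoUri("https://api.dexcom.com/v2/users/self/dataRange")
            // Placeholder: must name a top-level key of the userInfoUri response.
            .userNameAttributeName("<top-level-key-in-response>")
            .build();
        return new InMemoryClientRegistrationRepository(dexcom);
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/index.html", "/error").permitAll()
                .anyRequest().authenticated()
            .and()
            // Installs OAuth2LoginAuthenticationFilter, which validates state,
            // exchanges the code and creates the OAuth2AuthenticationToken.
            .oauth2Login();
    }
}
```

With this in place no controller is mapped to the callback path, and the manual token exchange in `get_auth` is no longer needed.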
