Java Spring MVC Auth0 SSO没有获得令牌(没有Spring Boot) [英] Java Spring MVC Auth0 SSO not getting tokens (no Spring Boot)
问题描述
我正在尝试启动和运行SSO.因此,当我登录不同的应用程序(在同一auth0域上)并转到应用程序的登录页面时,我希望我的应用程序自动登录.
我设法使第一部分开始运行,并且收到了来自auth0的授权码.但是,当我尝试检索令牌时,它们都是空的.
我的redirectuUri和clientSecret是正确的,并且我认为较早返回的授权代码也是正确的.
似乎请求没有返回任何令牌.它们都是空的.
我从哪里开始找出问题所在?谢谢!
public Tokens getTokens(final String authorizationCode, final String redirectUri) {
Validate.notNull(authorizationCode);
Validate.notNull(redirectUri);
System.out.println("Sending request with code to retrieve tokens.");
final Credentials creds = authenticationAPIClient
.token(authorizationCode, redirectUri)
.setClientSecret(clientSecret).execute();
return new Tokens(creds.getIdToken(), creds.getAccessToken(), creds.getType(), creds.getRefreshToken());
}
如果使用 Auth0 Spring MVC 库(不是Spring Security MVC)-最好在 auth0-java 的版本(Maven POM依赖项/gradle依赖项)-您正在使用-以及哪个版本的 auth0-spring-mvc 库您也在引用.
对于SSO特定示例-普通的Spring介于两篇文章之间,正如我为纯Java编写的一篇文章为Spring Security MVC编写的一样-但是通过研究这两个示例,您应该对发生的事情有个好主意:
尤其要研究JSP页面,因为这是SSO检查和自动登录逻辑所在的地方.还要确保您在Auth0租户中定义的每个客户端的设置上启用SSO.
免责声明:是上述库的作者-如果您仍有问题并需要任何说明,请在下面留下我的评论.
I'm trying to get SSO up and running. So when I sign in on a different application (on the same auth0 domain) and go to the login page of my application I want my application to automatically log me in.
I managed to get the first parts running and I received an authorization code from auth0. But when I try to retrieve the tokens they are all null.
my redirectuUri and clientSecret are correct and I assume the authorization code returned earlier is correct aswell.
It seems as if the request doesn't return any tokens. They are all null.
Where do I start to find out what's going wrong? Thanks!
public Tokens getTokens(final String authorizationCode, final String redirectUri) {
Validate.notNull(authorizationCode);
Validate.notNull(redirectUri);
System.out.println("Sending request with code to retrieve tokens.");
final Credentials creds = authenticationAPIClient
.token(authorizationCode, redirectUri)
.setClientSecret(clientSecret).execute();
return new Tokens(creds.getIdToken(), creds.getAccessToken(), creds.getType(), creds.getRefreshToken());
}
If using the Auth0 Spring MVC Library (not Spring Security MVC) - then best place to stick a breakpoint would at the top of the Callback Controller's handle method
You can then step through / step in - and inspect what is going on. This method calls getTokens and that delegates to Auth0ClientImpl which is the code block you reference in the question.
Check your ClientId, ClientSecret and Domain are all correct - and if your code is reaching this method - that the code / redirectURI being passed in are also correct. Would check the Auth0 logs from the Dashboard too, and determine if any successful authentication events are recorded.
Finally, please can you confirm which version of auth0-java (maven POM dependency / gradle dependency) you are using - and which version of the auth0-spring-mvc library you are referencing also.
For SSO Specific Examples - plain Spring falls between two stools as I wrote one for plain java and one for Spring Security MVC - but you should get a good idea of what is going on by studying these two samples:
Auth0 Spring Security SSO Sample
In particular, study the JSP pages since that is where the SSO checks and auto-login logic lives. Ensure too that you enable SSO on the Settings of each of your Clients defined in your Auth0 tenant.
Disclaimer: am the author of the above libraries - please leave me comments below if you still have problems and require any clarifications.
这篇关于Java Spring MVC Auth0 SSO没有获得令牌(没有Spring Boot)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
