从授权步骤重定向时 OAuth2 客户端失败 [英] OAuth2 client fails when redirecting from the authorization step

问题描述

在我当前的 spring-boot 中，我尝试使用外部 OAuth2 服务器登录用户.现在的问题是，当我执行应用程序时，授权成功后，用户应该被重定向回应用程序.发生这种情况时，我遇到了错误.

In my current spring-boot, I am trying sign in the user using an external OAuth2 server. The problem right now is that when I execute the application, after the authorization being successful, the user should be redirected back to the application. When this happens, I got an error.

我的application.properties 文件:

spring.security.oauth2.client.registration.mercadolivre.provider=mercadolivre
spring.security.oauth2.client.registration.mercadolivre.client-id=...
spring.security.oauth2.client.registration.mercadolivre.client-secret=...
spring.security.oauth2.client.registration.mercadolivre.authorization-grant-type=authorization_code
spring.security.oauth2.client.registration.mercadolivre.redirect-uri=http://localhost:8080/
spring.security.oauth2.client.provider.mercadolivre.authorization-uri=https://auth.mercadolivre.com.br/authorization
spring.security.oauth2.client.provider.mercadolivre.token-uri=https://api.mercadolibre.com/oauth/token

我的安全配置类:

@Configuration
public class Security extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
            .anyRequest().authenticated()
            .and()
            .oauth2Login();
    }
}

我现在面临的错误:

这里有什么问题?

更新

我尝试将此行添加到我的 applicatio.properties 文件中:

I try add this line to my applicatio.properties file:

spring.security.oauth2.client.registration.mercadolivre.redirect-uri={baseUrl}/login/oauth2/code/{registrationId}

现在我收到此错误:

打开浏览器开发者控制台:

with the browser developer console open:

推荐答案

将 redirect-uri 更改为其他内容...最好使用像 reference 使用:

Change the redirect-uri to something else... It's better if you use a template string like the one the reference uses:

spring.security.oauth2.client.registration.mercadolivre.redirect-uri={baseUrl}/login/oauth2/code/{registrationId}

这是将处理授权服务器发回的授权代码的 uri.如果您希望用户在身份验证成功后被重定向到某个页面，请在 configure() 中执行以下操作:

That's the uri that will process the authorization code the authorization server sends back. If you want the user to be redirected to some page after successful authentication, do something like this in configure():

http.
    ...
    .oauth2Login()
        .defaultSuccessUrl("/");

这篇关于从授权步骤重定向时 OAuth2 客户端失败的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！