Java – spring cannot configure the authorization server

Java

I created a simple authorization server, but I couldn't configure it

>Start two applications (8080 for auth server and 9999 for client). > Go to localhost: 9999 / client and redirect to localhost: 8080 / login (as expected). > Use user / user to fill in the login form. > Redirect to localhost: 9999 / client (as expected), but have Hello, null instead of Hello, user

However, if I visit localhost: 8080 / me directly, I have {"name": "user"} How do I retrieve Hello, user?

Authorization server

@RestController
@EnableAuthorizationServer
@SpringBootApplication
public class Application extends WebSecurityConfigurerAdapter {

    public static void main(String[] args) {
        SpringApplication.run(Application.class,args);
    }

    @GetMapping({ "/user","/me" })
    public Map<String,String> user(Principal principal) {
        return Collections.singletonMap("name",principal == null ? "null" : principal.getName());
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
                .withUser("user").password("user").authorities(AuthorityUtils.NO_AUTHORITIES);
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.formLogin();
    }
}

Application properties

security:
  oauth2:
    client:
      client-id: clientid
      client-secret: clientsecret
      scope: read,write
      auto-approve-scopes: '.*'

customer

@Configuration
@EnableAutoConfiguration
@EnableOAuth2Sso
@RestController
public class Client {

    @GetMapping("/")
    public String home(Principal principal) {
        return "Hello," + principal.getName();
    }

    public static void main(String[] args) {
        new SpringApplicationBuilder(Client.class)
                .properties("spring.config.name=client").run(args);
    }

}

Customer's property

server:
  port: 9999
  context-path: /client
security:
  oauth2:
    client:
      client-id: clientid
      client-secret: clientsecret
      access-token-uri: http://localhost:8080/oauth/token
      user-authorization-uri: http://localhost:8080/oauth/authorize
    resource:
      user-info-uri: http://localhost:8080/me

Update: when all the work was downloaded, I downloaded a tutorial, but it has ssofilter for oauth2 authentication only I just want to configure it with loginform I also shared a temporary example on GitHub I think it will be easier to find problems with it

Solution

There are different ports 9999 8080. When it requests resources from a domain or port different from the domain or port served by the first resource itself, this will lead to cross source HTTP requests

More details about HTTP access control (CORS)

There is a good example on the official spring website enabling cross origin requests for a restful web service

I suggest that you only need to implement the filter interface to perform CORS filtering on your application

@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class CorsFilter implements Filter {

    public CorsFilter() {
    }

    @Override
    public void doFilter(ServletRequest req,ServletResponse res,FilterChain chain) throws IOException,ServletException {
        HttpServletResponse response = (HttpServletResponse) res;
        HttpServletRequest request = (HttpServletRequest) req;
        response.setHeader("Access-Control-Allow-Origin","*"); //for production add only origins which should be allowed to access Now for demo purposes this accepts all.
        response.setHeader("Access-Control-Allow-Methods","POST,GET,OPTIONS,DELETE"); //i would reduce this method list if not all methods used this is added just for demo purposes
        response.setHeader("Access-Control-Max-Age","3600");
        response.setHeader("Access-Control-Allow-Headers","x-requested-with,authorization");

        if ("OPTIONS".equalsIgnoreCase(request.getmethod())) {
            response.setStatus(HttpServletResponse.SC_OK);
        } else {
            chain.doFilter(req,res);
        }
    }

    @Override
    public void init(FilterConfig filterConfig) {
    }

    @Override
    public void destroy() {
    }
}

If you are using the spring boot app, be sure to include the package where the new filter is located in the component scan

If you use 'web XML 'to configure:

Then add a filter

<filter>
    <filter-name>CORS</filter-name>
    <filter-class>com.mycompany.CorsFilter</filter-class>
</filter>

Option to add a mapping on the servlet

<filter-mapping>
        <filter-name>CORS</filter-name>
        <servlet-name>MyServlet</servlet-name>
</filter-mapping>

Option B add filters for all applications:

<filter-mapping>
        <filter-name>CORS</filter-name>
        <url-pattern>/*</url-pattern> <!--this will add cors on all apps-->
</filter-mapping>
The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.
THE END
分享
二维码
< <上一篇
下一篇>>