Java Spring oauth2自定义令牌问题
我有一个要求,生成一个令牌在代码中手动与第三方已经过验证。当我必须验证令牌时,我遇到了一个问题。我已经创建了自己的令牌存储,当不生成手动令牌时,它工作得很好。我还扩展了DefaultTokenService,但只添加了一个方法 我抛出了几个断点,发现在手动创建自己的令牌时,我正在使用ProviderManager类。但是,当我不创建自己的令牌时,我正在使用基于UnanimousBased的类。不确定这个细节是否有用。我会更多地回溯,但我愿意接受任何想法 以下是我创建令牌的方式:Java Spring oauth2自定义令牌问题,java,spring,spring-security,oauth-2.0,Java,Spring,Spring Security,Oauth 2.0,我有一个要求,生成一个令牌在代码中手动与第三方已经过验证。当我必须验证令牌时,我遇到了一个问题。我已经创建了自己的令牌存储,当不生成手动令牌时,它工作得很好。我还扩展了DefaultTokenService,但只添加了一个方法 我抛出了几个断点,发现在手动创建自己的令牌时,我正在使用ProviderManager类。但是,当我不创建自己的令牌时,我正在使用基于UnanimousBased的类。不确定这个细节是否有用。我会更多地回溯,但我愿意接受任何想法 以下是我创建令牌的方式:
ConcurrentHashMap<String, String> authorizationParameters = new ConcurrentHashMap<String, String>();
authorizationParameters.put("scope", "read");
authorizationParameters.put("username", "mobile_client");
authorizationParameters.put("client_id", "mobile-client");
authorizationParameters.put("grant", "password");
DefaultAuthorizationRequest authorizationRequest = new DefaultAuthorizationRequest(authorizationParameters);
Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
authorities.add(new GrantedAuthorityImpl("ROLE_UNTRUSTED_CLIENT"));
authorizationRequest.setAuthorities(authorities);
HashSet<String> resourceIds = new HashSet<String>();
resourceIds.add("mobile-client");
authorizationRequest.setResourceIds(resourceIds);
User userPrincipal = new User("mobile_client", "", true, true, true, true, authorities);
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(userPrincipal, null, authorities) ;
OAuth2Authentication authenticationRequest = new OAuth2Authentication(authorizationRequest, authenticationToken);
authenticationRequest.setAuthenticated(true);
NoSQLTokenStore tokenStore = new NoSQLTokenStore();
CustomTokenServices tokenServices = new CustomTokenServices();
tokenServices.setSupportRefreshToken(true);
tokenServices.setTokenStore(tokenStore);
OAuth2AccessToken accessToken = tokenServices.createAccessTokenForUser(authenticationRequest, user);
ConcurrentHashMap authorizationParameters=new ConcurrentHashMap();
authorizationParameters.put(“范围”、“读取”);
authorizationParameters.put(“用户名”、“移动客户端”);
authorizationParameters.put(“客户端id”、“移动客户端”);
authorizationParameters.put(“授权”、“密码”);
DefaultAuthorizationRequest authorizationRequest=新的DefaultAuthorizationRequest(authorizationParameters);
Set authorities=new HashSet();
添加(新授权授权impl(“角色\不受信任\客户”);
授权请求。设置权限(权限);
HashSet resourceIds=新HashSet();
添加(“移动客户端”);
authorizationRequest.setResourceId(ResourceId);
User userPrincipal=新用户(“移动用户客户端”,true,true,true,authorities);
UsernamePasswordAuthenticationToken authenticationToken=新的UsernamePasswordAuthenticationToken(userPrincipal,null,authorities);
OAuth2Authentication authenticationRequest=新的OAuth2Authentication(authorizationRequest,authenticationToken);
authenticationRequest.setAuthenticated(true);
NoSQLTokenStore tokenStore=新的NoSQLTokenStore();
CustomTokenServices tokenServices=新的CustomTokenServices();
tokenServices.setSupportRefreshToken(true);
tokenServices.setTokenStore(tokenStore);
OAuth2AccessToken accessToken=tokenServices.createAccessTokenForUser(authenticationRequest,user);
Mobile App 17:02:21.169 [WARN] LoggerListener - Authentication event AuthenticationFailureProviderNotFoundEvent: mobile_client; details: remoteAddress=::1, , tokenValue=<TOKEN>; exception: No AuthenticationProvider found for org.springframework.security.oauth2.provider.OAuth2Authentication
Mobile App 17:02:21.169 [DEBUG] ExceptionTranslationFilter - Authentication exception occurred; redirecting to authentication entry point <org.springframework.security.authentication.ProviderNotFoundException: No AuthenticationProvider found for org.springframework.security.oauth2.provider.OAuth2Authentication>org.springframework.security.authentication.ProviderNotFoundException: No AuthenticationProvider found for org.springframework.security.oauth2.provider.OAuth2Authentication
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:196)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.authenticateIfRequired(AbstractSecurityInterceptor.java:316)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:202)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:115)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter.doFilter(OAuth2AuthenticationProcessingFilter.java:131)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:1852)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:722)
Mobile App 17:02:21.169[警告]LoggerListener-身份验证事件身份验证失败ProviderNotFoundEvent:Mobile_客户端;详细信息:remoteAddress=::1,tokenValue=;异常:找不到org.springframework.security.oauth2.provider.OAuth2Authentication的AuthenticationProvider
移动应用17:02:21.169[调试]异常TranslationFilter-发生身份验证异常;重定向到身份验证入口点org.springframework.security.authentication.ProviderNotFoundException:未找到org.springframework.security.oauth2.provider.OAuth2Authentication的身份验证提供程序
位于org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:196)
位于org.springframework.security.access.intercept.AbstractSecurityInterceptor.AuthenticateFrequeired(AbstractSecurityInterceptor.java:316)
位于org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:202)
位于org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:115)
位于org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84)
位于org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
位于org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
位于org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
位于org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103)
位于org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
位于org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
位于org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
位于org.springframework.security.web.savedrequest.RequestCacheAwarRefilter.doFilter(RequestCacheAwarRefilter.java:45)
位于org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
位于org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter.doFilter(OAuth2AuthenticationProcessingFilter.java:131)
位于org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
位于org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
位于org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
位于org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
位于org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
位于org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
位于org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
位于org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
位于org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
位于org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
位于org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
位于org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
在org。