Warning: file_get_contents(/data/phpspider/zhask/data//catemap/4/algorithm/10.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Oauth 2.0 apereo CAS服务器中accessToken url的请求错误_Oauth 2.0_Single Sign On_Cas_Spring Cloud Gateway_Apereo - Fatal编程技术网
Fatal编程技术网
  • oauth-2.0/
  • Oauth 2.0 apereo CAS服务器中accessToken url的请求错误

Oauth 2.0 apereo CAS服务器中accessToken url的请求错误

oauth-2.0 single-sign-on

Oauth 2.0 apereo CAS服务器中accessToken url的请求错误,oauth-2.0,single-sign-on,cas,spring-cloud-gateway,apereo,Oauth 2.0,Single Sign On,Cas,Spring Cloud Gateway,Apereo,我想将我的spring云网关应用程序与apereo CAS服务器(在8443端口上运行)集成,并将CAS服务器配置为Oauth2授权服务器。这里是流程 我请求网关 它与授权服务器(此处为CAS)交互 在交互之前,它需要在那里登录 我使用默认cas覆盖模板凭据成功登录。(casuser:Mellon) cas使用login/oauth2/code/login client?code=OC-3-TURQDNdC4jXulPgK7ipJSzfoBLi-iaSv&state=aitark42e0zx2

我想将我的spring云网关应用程序与apereo CAS服务器(在8443端口上运行)集成,并将CAS服务器配置为Oauth2授权服务器。这里是流程

  • 我请求网关

  • 它与授权服务器(此处为CAS)交互

  • 在交互之前,它需要在那里登录
  • 我使用默认cas覆盖模板凭据成功登录。(casuser:Mellon)
  • cas使用login/oauth2/code/login client?code=OC-3-TURQDNdC4jXulPgK7ipJSzfoBLi-iaSv&state=aitark42e0zx2itfkezzorm2rlehxsex6gtifzohlwy%3D url重定向到网关
  • 网关上发生[invalid_grant]错误
我检查网关跟踪日志,在获取访问令牌步骤时出错

[ctor-http-nio-2] o.s.w.s.adapter.HttpWebHandlerAdapter    : [33597172] Completed 302 FOUND, headers={masked}
[ctor-http-nio-2] o.s.h.s.r.ReactorHttpHandlerAdapter      : [33597172] Handling completed
[ctor-http-nio-2] o.s.w.s.adapter.HttpWebHandlerAdapter    : [33597172] HTTP GET "/login/oauth2/code/login-client?code=OC-14-F99FROWxhVYzpfxkmQqB1BAfP-oOfIfI&state=Y9XC3NNkPUvb649Tx0dIDG4ZyIInioAD-xT2ll3bfII%3D", headers={masked}
[ctor-http-nio-2] o.s.w.r.f.client.ExchangeFunctions       : [dee9e83] HTTP POST http://localhost:8443/cas/oauth2.0/accessToken, headers={masked}
[ctor-http-nio-2] o.s.http.codec.FormHttpMessageWriter     : [dee9e83] Writing form fields [grant_type, code, redirect_uri] (content masked)
[ctor-http-nio-2] o.s.w.r.f.client.ExchangeFunctions       : [dee9e83] Response 400 BAD_REQUEST, headers={masked}
[ctor-http-nio-2] o.s.http.codec.json.Jackson2JsonDecoder  : [dee9e83] Decoded [{error=invalid_grant}]
显然,由于请求错误,它无法请求访问\u令牌。但是,我找不到什么是有效参数。而且,我不会手动请求,而是在幕后自动请求。我的错在哪里?谢谢你的帮助

以下是我的spring云网关配置:

spring:
  security:
    oauth2:
      client:
        registration:
          login-client:
            provider: uaa
            client-id: first-client
            client-secret: noonewilleverguess
            authorization-grant-type: authorization_code
            redirect-uri: "{baseUrl}/login/oauth2/code/{registrationId}"
        provider:
          uaa:
            authorization-uri: http://localhost:8443/cas/oauth2.0/authorize
            token-uri: http://localhost:8443/cas/oauth2.0/accessToken
            user-info-uri: http://localhost:8443/cas/oauth2.0/profile
            prefer-token-info: false
            client-authentication-scheme: form
cas oauth2注册服务

{
  "@class" : "org.apereo.cas.support.oauth.services.OAuthRegisteredService",
  "clientId": "first-client",
  "clientSecret": "noonewilleverguess",
  "serviceId": "http://localhost:8085/.*",
  "name": "OAuthService",
  "bypassApprovalPrompt": true,
  "id": 1003,
  "supportedGrantTypes": [ "java.util.HashSet", [ "authorization_code" ] ],
  "supportedResponseTypes": [ "java.util.HashSet", [ "code" ] ]
}
我使用的资源

好的,问题其实很简单。spring cloud gateway自动填充3个字段(授权类型、代码、重定向uri),但cas apereo服务器的api包含5个字段(授权类型、代码、重定向uri以及客户端id、客户端机密)。为了解决这个问题,您可以定义您的api,它在cas中接受3个参数,其余的逻辑将是相同的。您唯一要做的就是覆盖访问令牌api字段行为