Spring boot Google Oauth2 GoogleIdTokenVerifier连接被拒绝错误?
我正在使用GoogleIdTokenVerifier在我的spring boot rest服务中验证令牌,以验证用户。它在开发环境中工作正常,但在生产服务器上获得以下Spring boot Google Oauth2 GoogleIdTokenVerifier连接被拒绝错误?,spring-boot,api,google-api,google-oauth,Spring Boot,Api,Google Api,Google Oauth,我正在使用GoogleIdTokenVerifier在我的spring boot rest服务中验证令牌,以验证用户。它在开发环境中工作正常,但在生产服务器上获得以下连接被拒绝错误 java.net.ConnectException: Connection refused (Connection refused) at java.net.PlainSocketImpl.socketConnect(Native Method) at java.net.AbstractPlainSo
连接被拒绝java.net.ConnectException: Connection refused (Connection refused)
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:589)
at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:673)
at sun.net.NetworkClient.doConnect(NetworkClient.java:175)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:463)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:558)
at sun.net.www.protocol.https.HttpsClient.<init>(HttpsClient.java:264)
at sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:367)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java:191)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1156)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1050)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:177)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:162)
at com.google.api.client.http.javanet.NetHttpRequest.execute(NetHttpRequest.java:148)
at com.google.api.client.http.javanet.NetHttpRequest.execute(NetHttpRequest.java:84)
at com.google.api.client.http.HttpRequest.execute(HttpRequest.java:1012)
at com.google.api.client.googleapis.auth.oauth2.GooglePublicKeysManager.refresh(GooglePublicKeysManager.java:172)
at com.google.api.client.googleapis.auth.oauth2.GooglePublicKeysManager.getPublicKeys(GooglePublicKeysManager.java:140)
at com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier.verify(GoogleIdTokenVerifier.java:174)
at com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier.verify(GoogleIdTokenVerifier.java:192)
at in.cdac.iaf.security.AuthorizationFilter.getAuthentication(AuthorizationFilter.java:112)
at in.cdac.iaf.security.AuthorizationFilter.doFilterInternal(AuthorizationFilter.java:59)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92)
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
at org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:128)
at org.springframework.boot.web.servlet.support.ErrorPageFilter.access$000(ErrorPageFilter.java:66)
at org.springframework.boot.web.servlet.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:103)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:121)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:474)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:624)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:349)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:783)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:789)
at org.apache.tomcat.util.net.Nio2Endpoint$SocketProcessor.doRun(Nio2Endpoint.java:1694)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
java.net.ConnectException:连接被拒绝(连接被拒绝)
位于java.net.PlainSocketImpl.socketConnect(本机方法)
位于java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
位于java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
位于java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
位于java.net.socksocketimpl.connect(socksocketimpl.java:392)
位于java.net.Socket.connect(Socket.java:589)
位于sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:673)
位于sun.net.NetworkClient.doConnect(NetworkClient.java:175)
位于sun.net.www.http.HttpClient.openServer(HttpClient.java:463)
位于sun.net.www.http.HttpClient.openServer(HttpClient.java:558)
在sun.net.www.protocol.https.HttpsClient.(HttpsClient.java:264)
位于sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:367)
位于sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java:191)
位于sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1156)
位于sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1050)
位于sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:177)
位于sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:162)
位于com.google.api.client.http.javanet.NetHttpRequest.execute(NetHttpRequest.java:148)
位于com.google.api.client.http.javanet.NetHttpRequest.execute(NetHttpRequest.java:84)
位于com.google.api.client.http.HttpRequest.execute(HttpRequest.java:1012)
在com.google.api.client.googleapis.auth.oauth2.GooglePublicKeyManager.refresh(GooglePublicKeyManager.java:172)
在com.google.api.client.GoogleAppis.auth.oauth2.GooglePublicKeysManager.getPublicKeys(GooglePublicKeysManager.java:140)
在com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier.verify(GoogleIdTokenVerifier.java:174)
在com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier.verify(GoogleIdTokenVerifier.java:192)
位于in.cdac.iaf.security.AuthorizationFilter.getAuthentication(AuthorizationFilter.java:112)
位于in.cdac.iaf.security.AuthorizationFilter.doFilterInternal(AuthorizationFilter.java:59)
位于org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
位于org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
位于org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
位于org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
位于org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92)
位于org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77)
位于org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
位于org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
位于org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
位于org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
位于org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
位于org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
位于org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
位于org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
位于org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
位于org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)
位于org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)
位于org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
位于org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
位于org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100)
位于org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
位于org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
位于org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
位于org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)
位于org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
位于org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
位于org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
位于org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:128)
位于org.springframework.boot.web.servlet.support.ErrorPageFilter.access$000(ErrorPageFilter.java:66)
位于org.springframework.boot.web.servlet.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:103)
位于org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
在org.springframework.boo
String email = null;
String remoteAddr="";
if (req != null) {
remoteAddr = req.getHeader("X-FORWARDED-FOR");
if (remoteAddr == null || "".equals(remoteAddr)) {
remoteAddr = req.getRemoteAddr();
}
}
logger.info("authorization Request:"+remoteAddr);
String authorizationHeader=req.getHeader(env.getProperty("authorization.token.header.name"));
if(authorizationHeader==null) {
logger.info("Request with empty Header from Client:"+remoteAddr);
return null;
}
String token=authorizationHeader.replace(env.getProperty("authorization.token.header.prefix")+" ","");
String CLIENT_ID=env.getProperty("authorization.client-id");
try {
final JacksonFactory jacksonFactory = new JacksonFactory();
// HttpTransport httpTransport = GoogleNetHttpTransport.newTrustedTransport();
HttpTransport httpTransport = new NetHttpTransport();
logger.info("Transport created and token has been sent");
GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(httpTransport, jacksonFactory)
// Specify the CLIENT_ID of the app that accesses the backend:
.setAudience(Collections.singletonList(CLIENT_ID))
// Or, if multiple clients access the backend:
// .setAudience(Arrays.asList(CLIENT_ID_1, CLIENT_ID_2, CLIENT_ID_3))
//.setIssuer("https://accounts.google.com")
.build();
// (Receive idTokenString by HTTPS POST)
String idTokenString = token;
// System.out.println("Token is: "+token);
GoogleIdToken idToken = verifier.verify(idTokenString);
logger.info("Authentication respose Received "+idToken);
if (idToken != null) {
Payload payload = idToken.getPayload();
// Print user identifier
String userId = payload.getSubject();
// Get profile information from payload
email = payload.getEmail();
boolean emailVerified = Boolean.valueOf(payload.getEmailVerified());
String name = (String) payload.get("name");
String pictureUrl = (String) payload.get("picture");
String locale = (String) payload.get("locale");
String familyName = (String) payload.get("family_name");
String givenName = (String) payload.get("given_name");
String client_id=(String) payload.get("aud");
//String issuedAt=(String) payload.get("iat");
//System.out.println("issuedAt:"+issuedAt);
// Use or store profile information
logger.info("User logged in as: "+email);
// ...in this section
//check Client id is right or not
if(client_id.equals(CLIENT_ID)) {
//code here
}
else {
logger.info("User requested by wrong client id:"+email);
logger.warn("Unauthorized request from user id:"+email);
return null;
}
} else {
logger.warn("Unauthorized request by client ID:"+remoteAddr);
//System.out.println("Invalid ID token.");
return null;
}
}
catch(Exception e) {
e.printStackTrace();
logger.warn(e.getLocalizedMessage());
return null;
}
if(email==null) {
return null;
}
logger.info("User Authenticated: "+email);
return new UsernamePasswordAuthenticationToken(email,null,new ArrayList<>());
}