Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/spring-boot/5.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Spring boot 使用Spring云网关获取访问令牌,使用Key斗篷获取Spring安全性_Spring Boot_Spring Security_Keycloak_Spring Security Oauth2_Spring Cloud Gateway - Fatal编程技术网
Fatal编程技术网
  • spring-boot/
  • Spring boot 使用Spring云网关获取访问令牌,使用Key斗篷获取Spring安全性

Spring boot 使用Spring云网关获取访问令牌,使用Key斗篷获取Spring安全性

spring-boot spring-security keycloak

Spring boot 使用Spring云网关获取访问令牌,使用Key斗篷获取Spring安全性,spring-boot,spring-security,keycloak,spring-security-oauth2,spring-cloud-gateway,Spring Boot,Spring Security,Keycloak,Spring Security Oauth2,Spring Cloud Gateway,我正在使用SpringCloudGateway和SpringSecurity以及KeyClove进行访问管理。我在使用spring cloud gateway获取访问令牌时遇到问题,因为我获取的令牌没有像我在KeyClope中从令牌端点获取的那样的所有参数 当我点击KeyClope令牌端点时,显示了所有详细信息: http://localhost:8080/auth/realms/myrealm/protocol/openid-连接/令牌 { "exp": 1595310

我正在使用SpringCloudGateway和SpringSecurity以及KeyClove进行访问管理。我在使用spring cloud gateway获取访问令牌时遇到问题,因为我获取的令牌没有像我在KeyClope中从令牌端点获取的那样的所有参数

当我点击KeyClope令牌端点时,显示了所有详细信息:

http://localhost:8080/auth/realms/myrealm/protocol/openid-连接/令牌

{
  "exp": 1595310135,
  "iat": 1595309835,
  "jti": "0a78d67c-878c-468c-8d03-e003af0350c3",
  "iss": "http://localhost:8080/auth/realms/myrealm",
  "aud": "account",
  "sub": "5c3c71c8-4682-4cd8-8e28-ee66a7edea4e",
  "typ": "Bearer",
  "azp": "myclient",
  "session_state": "af8acabc-b9fb-4d15-9160-b9c613007075",
  "acr": "1",
  "allowed-origins": [
    "http://localhost:8080"
  ],
  "realm_access": {
    "roles": [
      "offline_access",
      "uma_authorization"
    ]
  },
  "resource_access": {
    "account": {
      "roles": [
        "manage-account",
        "manage-account-links",
        "view-profile"
      ]
    }
  },
  "scope": "profile email",
  "email_verified": true,
  "name": "Vijay 123",
  "preferred_username": "vijay",
  "given_name": "Vijay",
  "family_name": "123"
}
但在我尝试从Spring云网关配置中获取相同令牌的同时,我得到了以下令牌:

{
  "exp": 1595244254,
  "iat": 1595243954,
  "auth_time": 1595243954,
  "jti": "6d76736d-51d4-4ae7-9c15-55fc2cf9d96a",
  "iss": "http://localhost:8080/auth/realms/myrealm",
  "aud": "myclient",
  "sub": "5c3c71c8-4682-4cd8-8e28-ee66a7edea4e",
  "typ": "ID",
  "azp": "myclient",
  "session_state": "dfbeb8a3-5d8e-4750-b8af-3dd00105cafa",
  "acr": "1",
  "upn": "vijay",
  "email_verified": true,
  "address": {},
  "name": "Vijay 123",
  "groups": [
    "offline_access",
    "uma_authorization"
  ],
  "preferred_username": "vijay",
  "given_name": "Vijay",
  "family_name": "123"
}
以下是我使用的配置:

  @Bean
  public GlobalFilter customGlobalFilter() {
    return (exchange, chain) -> exchange.getPrincipal().map(principal -> {

      String token = "";
      String session = "";
      if (principal instanceof OAuth2AuthenticationToken) {
        // For Getting token from request
        SecurityContextImpl context =
            exchange.getSession().block().getAttribute("SPRING_SECURITY_CONTEXT");
        DefaultOidcUser principal1 = (DefaultOidcUser) context.getAuthentication().getPrincipal();
        token = principal1.getIdToken().getTokenValue();
      }
  }
令牌值与KeyClope中的令牌值不匹配

有没有其他方法可以从请求中获取OIDC令牌而不是OAuth2令牌

我可以看到原理是OAuth2AuthenticationToken类型