Spring security 未找到类org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken的提供程序
我创建了三个应用程序,分别是“SpringCloudGateway(8081)”、“SpringOAuth2身份验证服务器(8094)”和“SpringOAuth2资源服务器(8097)” 当我想请求资源服务器时,首先我需要请求gw,它将转发到oauth服务器,我登录到那里(oauth也有spring安全层)。成功登录后,它会重定向到备份gw服务器这样的url。然后,屏幕上出现了错误 当我在auth server成功登录时,网关服务器控制台中有一个跟踪日志: 2020-01-17 17:52:11.825跟踪11336---[ctor-http-nio-4] o、 s.http.codec.json.Jackson2JsonDecoder:[21762c89]已解码 6.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2.2啊,, 令牌类型=承载, 刷新令牌=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.EYJHDWQIOLSIB1DGYLXJLC291CMNL0SINVZZZXJFBMFTZI6IMRNIIIIIIc2NVCGUIOLSIY3VZDG9Tx21VZCjDLCjDgKII5ZNJNC0WMMjTQOxODATODVLOS0WYME5WYMZYMJYMJYMZYYMZYLZYLZY2ZLZYLZLZLZY5LZYLZYDZLZLZLZLZYLZLZY5LZLZLZYDZLZLZLZLZLZLZLZLZLZLZLZLZJJJJJJJJJJJJJJJJJJJJJJJJJJ5YxpZW50In0.KhRIy7wOH2IsswDZ_AIXVFdtu6JZqtiLBZGZIypeNRw, expires\u in=9,scope=custom\u mod, jti=9e3c46a4-02bf-4180-85e9-0ba93420ab88}] 当我解码访问令牌jwt时,结果如下Spring security 未找到类org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken的提供程序,spring-security,spring-cloud,spring-security-oauth2,spring-oauth2,spring-cloud-gateway,Spring Security,Spring Cloud,Spring Security Oauth2,Spring Oauth2,Spring Cloud Gateway,我创建了三个应用程序,分别是“SpringCloudGateway(8081)”、“SpringOAuth2身份验证服务器(8094)”和“SpringOAuth2资源服务器(8097)” 当我想请求资源服务器时,首先我需要请求gw,它将转发到oauth服务器,我登录到那里(oauth也有spring安全层)。成功登录后,它会重定向到备份gw服务器这样的url。然后,屏幕上出现了错误 当我在auth server成功登录时,网关服务器控制台中有一个跟踪日志: 2020-01-17 17:52:1
{
"aud": [
"oauth2-resource"
],
"user_name": "dg",
"scope": [
"custom_mod"
],
"exp": 1579272741,
"authorities": [
"ROLE_ADMIN"
],
"jti": "9e3c46a4-02bf-4180-85e9-0ba93420ab88",
"client_id": "first-client"
}
我想,我缺少一些在网关服务器或oauth服务器中实现的部分,但我找不到。因为当我尝试使用okta而不是我的自定义身份验证服务器时,没有出现错误。
网关应用程序.properties
server.port=8081
spring.security.oauth2.client.registration.gateway.client-id=first-client
spring.security.oauth2.client.registration.gateway.client-secret=noonewilleverguess
spring.security.oauth2.client.registration.gateway.authorization-grant-type=authorization_code
spring.security.oauth2.client.registration.gateway.redirect-uri={baseUrl}/login/oauth2/code/{registrationId}
spring.security.oauth2.client.provider.gateway.authorization-uri=http://localhost:8094/oauth/authorize
spring.security.oauth2.client.provider.gateway.token-uri=http://localhost:8094/oauth/token?scope=custom_mod
spring.security.oauth2.client.provider.gateway.user-info-uri=http://localhost:8094/userinfo
spring.security.oauth2.client.provider.gateway.user-name-attribute=name
logging.level.root=trace
以下是屏幕eror消息:
Fri Jan 17 17:28:11 EET 2020[83c168ec]发生意外错误
(类型=内部服务器错误,状态=500)。找不到类的提供程序
org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken
以下是控制台错误消息:
2020-01-17 17:40:27.204错误7180---[ctor-http-nio-2]
a、 w.r.e.AbstractErrorWebExceptionHandler:[93951d85]500服务器错误
对于HTTP GET
“/login/oauth2/code/gateway?code=n35lEN&state=fz94zzysynuwag1vs32cx4sxu9kj6arm58twqmr9sq%3D”
java.lang.IllegalStateException:未找到类的提供程序
org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken
在
org.springframework.security.web.server.authentication.AuthenticationWebFilter.lambda$authenticate$5(AuthenticationWebFilter.java:118)
~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]被抑制:
reactor.core.publisher.FluxOnAssembly$OnAssemblyException:出现错误
在以下地点观察到:| u检查点⇢
org.springframework.security.oauth2.client.web.server.authentication.OAuth2LoginAuthenticationWebFilter
[DefaultWebFilterChain]|检查点⇢
org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationRequestRedirectWebFilter
[DefaultWebFilterChain]|检查点⇢
org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationRequestRedirectWebFilter
[DefaultWebFilterChain]|检查点⇢
org.springframework.security.web.server.context.ReactorContextWebFilter
[DefaultWebFilterChain]|检查点⇢
org.springframework.security.web.server.csrf.CsrfWebFilter
[DefaultWebFilterChain]|检查点⇢
org.springframework.security.web.server.header.HttpHeaderWriterWebFilter
[DefaultWebFilterChain]|检查点⇢
org.springframework.security.config.web.server.ServerHttpSecurity$ServerWebExchangeActorContextWebFilter
[DefaultWebFilterChain]|检查点⇢
org.springframework.security.web.server.WebFilterChainProxy
[DefaultWebFilterChain]|检查点⇢ HTTP获取
“/login/oauth2/code/gateway?code=n35lEN&state=fz94zzysynuwag1vs32cx4sxu9kj6arm58twqmr9sq%3D”
[ExceptionHandlingWebHandler]堆栈跟踪:位于
org.springframework.security.web.server.authentication.AuthenticationWebFilter.lambda$authenticate$5(AuthenticationWebFilter.java:118)
~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]位于
reactor.core.publisher.monoder.subscribe(monoder.java:44)
~[reactor-core-3.3.1.RELEASE.jar:3.3.1.RELEASE]at
reactor.core.publisher.Mono.subscribe(Mono.java:4105)
~[reactor-core-3.3.1.RELEASE.jar:3.3.1.RELEASE]at
reactor.core.publisher.FluxSwitchIfEmpty$SwitchIfEmptySubscriber.onComplete(FluxSwitchIfEmpty.java:75)
~[反应堆堆芯-3.3.1.释放。罐:3.3.1.释放]
编辑:缩短以理解问题。此问题发布已有一段时间了。但是,您可能正在导入SpringSecurityOAuth2客户机,而没有相应的jose客户机 所以你最好加上
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
org.springframework.boot
spring-boot-starter-oauth2-client
在我的情况下,因为我的客户没有openid
范围。救生。人们不应该混淆spring-boot-starter-oauth2-client
和spring-security-oauth2-client
,一个工作正常,另一个需要更多配置。