Spring security SpringSecurity5和jwk设置了具有身份验证的uri
嗯,我有一个URL来获取公钥,但是这个URL需要一个承载令牌,所以我的application.properties中有以下内容:Spring security SpringSecurity5和jwk设置了具有身份验证的uri,spring-security,spring-security-oauth2,Spring Security,Spring Security Oauth2,嗯,我有一个URL来获取公钥,但是这个URL需要一个承载令牌,所以我的application.properties中有以下内容: spring.security.oauth2.resourceserver.jwt.jwk-set-uri=https://myauth-server.com/keys.jwt 和我的安全配置类: @Override protected void configure(HttpSecurity http) throws Exception { http.aut
spring.security.oauth2.resourceserver.jwt.jwk-set-uri=https://myauth-server.com/keys.jwt
和我的安全配置类:
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests(authorizeRequests ->
authorizeRequests
.antMatchers("/customers/**").authenticated()
.anyRequest().anonymous()
).oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
}
但是,当我尝试提出请求时,出现了以下错误:
org.springframework.security.oauth2.core.OAuth2AuthenticationException: An error occurred while attempting to decode the Jwt: Signed JWT rejected: Another algorithm expected, or no matching key(s) found
还有我的pom.xml:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-resource-server</artifactId>
</dependency>
<dependency>
<groupId>com.nimbusds</groupId>
<artifactId>oauth2-oidc-sdk</artifactId>
<version>7.3</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-jose</artifactId>
</dependency>
org.springframework.boot
弹簧启动安全
org.springframework.security
spring-security-oauth2-resource-server
com.usds
oauth2 oidc sdk
7.3
运行时
org.springframework.security
spring-security-oauth2-jose
我真的不知道这个错误是因为我的“keys.jwt”URI需要某种身份验证还是其他原因 通过以下方法解决了问题:
@Bean
public NimbusJwtDecoder nimbusJwtDecoder(){
RestTemplate rest = new RestTemplate();
rest.getInterceptors().add((request, body, execution) -> {
request.getHeaders().setBearerAuth(myJwt);
return execution.execute(request, body);
});
return NimbusJwtDecoder.withJwkSetUri(jwkUri)
.restOperations(rest).build();
}
你从哪里得到“myJwt”?