带有Gitlab的Spring Security 5 OAuth2客户端失败
在我的项目中,我试图将SpringSecurity5OAuth2/OIDC与GitLab集成,并遵循官方示例代码,添加GitLab配置,如下所示带有Gitlab的Spring Security 5 OAuth2客户端失败,spring,spring-boot,spring-security,oauth-2.0,gitlab,Spring,Spring Boot,Spring Security,Oauth 2.0,Gitlab,在我的项目中,我试图将SpringSecurity5OAuth2/OIDC与GitLab集成,并遵循官方示例代码,添加GitLab配置,如下所示 security: oauth2: client: registration: gitlab: client-id: 0cef9527091bb2faec01610a0fb330e3a915672110cf3298ff3aadceaa8ab11f client-secret: fd84439d
security:
oauth2:
client:
registration:
gitlab:
client-id: 0cef9527091bb2faec01610a0fb330e3a915672110cf3298ff3aadceaa8ab11f
client-secret: fd84439d06f7a2dabb5d5a64ac478211ab4009aa0fa62d478661a52f4234de72
authorization-grant-type: authorization_code
redirectUriTemplate: '{baseUrl}/login/oauth2/code/{registrationId}'
scope:
- openid
- api
clientName: GitLab
provider:
gitlab:
authorization-uri: https://gitlab.com/oauth/authorize
token-uri: https://gitlab.com/oauth/token
user-info-uri: https://gitlab.com/oauth/userinfo
jwk-set-uri: https://gitlab.com/oauth/discovery/keys
我在我的Gitlab设置帐户中创建了一个应用程序,将它的授权回调url设置为:
当我通过mvn-spring-boot:run
运行应用程序时。然后单击Gitlab,在Gitlab授权页面中单击授权按钮
然后页面返回到,控制台中出现如下异常:
at position 15931.
at com.nimbusds.jose.util.JSONObjectUtils.parse(JSONObjectUtils.java:75) ~[nimbus-jose-jwt-5.4.jar:5.4]
at com.nimbusds.jose.jwk.JWKSet.parse(JWKSet.java:304) ~[nimbus-jose-jwt-5.4.jar:5.4]
at com.nimbusds.jose.jwk.source.RemoteJWKSet.updateJWKSetFromURL(RemoteJWKSet.java:145) ~[nimbus-jose-jwt-5.4.jar:5.4]
... 64 common frames omitted
似乎它没有重定向到所需的页面,而是Gitlab登录。这是一个老问题,但我相信这里有一个错误:
user-info-uri: https://gitlab.com/oauth/userinfo
应该是:
user-info-uri: https://gitlab.com/api/v4/user
Per here:我在过去两天里一直在为同一问题苦苦挣扎,终于找到了一个可行的解决方案:
pom.xml
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
Gitlab应用程序配置:
当然,请记住将
localhost:8080
更改为您的实际应用程序地址。但是,这一个对于本地开发很好。还需要调整spring.security.oauth2.client.provider.gitlab.user name属性=username当我当时使用gitlab时,我认为gitlab在默认情况下保护了一些发现配置URL。
spring.security.oauth2.client.provider.gitlab.authorization-uri=https://gitlab.com/oauth/authorize
spring.security.oauth2.client.provider.gitlab.token-uri=https://gitlab.com/oauth/token
spring.security.oauth2.client.provider.gitlab.user-info-uri=https://gitlab.com/api/v4/user
spring.security.oauth2.client.provider.gitlab.user-name-attribute=username
spring.security.oauth2.client.provider.gitlab.jwk-set-uri=https://gitlab.com/oauth/discovery/keys
spring.security.oauth2.client.registration.gitlab.client-id=YOUR_CLIENT_ID
spring.security.oauth2.client.registration.gitlab.client-secret=YOUR_SECRET
spring.security.oauth2.client.registration.gitlab.authorization-grant-type=authorization_code
spring.security.oauth2.client.registration.gitlab.redirect-uri=http://localhost:8080/login/oauth2/code/gitlab
spring.security.oauth2.client.registration.gitlab.scope=read_user
spring.security.oauth2.client.registration.gitlab.client-name=GitLab