OAuth2AuthenticationToken 即使在身份验证后也不打印任何内容

问题描述 投票:0回答:0

登录后,我被重定向到 redirect_uri,访问令牌附加在浏览器的 URL 上,但我无法访问访问令牌,并且 OAuth2AuthenticationToken 未与上下文安全一起填充

2023-04-01 20:51:49.468 DEBUG 20844 --- [nio-8080-exec-5] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped to c.b.b.bat.controller.HomeRestController#index(Model, OAuth2AuthenticationToken)
**2023-04-01 20:51:49.468  INFO 20844 --- [nio-8080-exec-5] c.b.b.bat.controller.HomeRestController  : Principal **
2023-04-01 20:51:49.468 DEBUG 20844 --- [nio-8080-exec-5] o.s.w.s.v.ContentNegotiatingViewResolver : Selected '*/*' given [image/webp, image/apng, image/svg+xml, image/*, */*;q=0.8]
2023-04-01 20:51:49.469 DEBUG 20844 --- [nio-8080-exec-5] w.c.HttpSessionSecurityContextRepository : Did not store anonymous SecurityContext
2023-04-01 20:51:49.470 DEBUG 20844 --- [nio-8080-exec-5] o.s.web.servlet.DispatcherServlet        : Completed 200 OK
2023-04-01 20:51:49.470 DEBUG 20844 --- [nio-8080-exec-5] w.c.HttpSessionSecurityContextRepository : Did not store anonymous SecurityContext
2023-04-01 20:51:49.471 DEBUG 20844 --- [nio-8080-exec-5] s.s.w.c.SecurityContextPersistenceFilter : Cleared SecurityContextHolder to complete request

家庭控制器

   @GetMapping("/**")
    public ModelAndView index(Model model, OAuth2AuthenticationToken authentication) {
        ModelAndView mav = new ModelAndView("index");
        //   mav.addObject("user", authentication.isAuthenticated());//gives error that authentication is null
        LOG.info("Principal ", authentication);
return mav;
}

安全配置

@EnableWebSecurity
@Configuration
public class SecurityConfig {
    @Value("${spring.security.oauth2.client.registration.xxxx.client-id}")
    private String CLIENT_ID;
    @Value("${spring.security.oauth2.client.registration.xxxx.client-secret}")
    private String CLIENT_SECRET;
    @Value("${spring.security.oauth2.client.registration.xxxx.redirect-uri}")
    private String REDIRECT_URI;
    @Value("${spring.security.oauth2.client.provider.xxxx.authorization-uri}")
    private String AUTHORIZATION_URI;
    @Value("${spring.security.oauth2.client.registration.xxxx.scope}")
    private String SCOPE;

    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http.authorizeHttpRequests().antMatchers("/secured", "/bat/secured").authenticated().anyRequest().permitAll();
        http.oauth2Login()
                .loginProcessingUrl("/process-login")
                .defaultSuccessUrl("/secured")
        
                .loginPage(AUTHORIZATION_URI + "?client_id=" + CLIENT_ID + "&response_type=id_token%20token&scope=openid%20profile%20groups&redirect_uri=" + REDIRECT_URI + "&nonce=none&client_secret=" + CLIENT_SECRET);

        http.csrf().disable();

        return http.build();
    }

}
spring-security spring-security-oauth2
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.