No provider found for class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken

Question (votes: 1, answers: 1)

I created three applications: "spring cloud gateway (8081)", "spring oauth2 auth server (8094)" and "spring oauth2 resource server (8097)".

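When I want to make a request to the resource server, I first have to call the gateway, which forwards to the OAuth server, and I log in there (the OAuth server also has a Spring Security layer). After a successful login, it redirects back to the gateway server, for example to the URL http://localhost:8081/login/oauth2/code/gateway?code=6ldKVF&state=0WvvWdTs8G_XchSTQKqgokua_XDVQziqVZ_VXLMqIS0%3D. Then an error appears on the screen.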

When I log in successfully on the auth server, there is a trace log in the gateway server console:

2020-01-17 17:52:11.825 TRACE 11336 --- [ctor-http-nio-4] o.s.http.codec.json.Jackson2JsonDecoder : [21762c89] Decoded [{access_token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsib2F1dGgyLXJlc291cmNlIl0sInVzZXJfbmFtZSI6ImRnIiwic2NvcGUiOlsiY3VzdG9tX21vZCJdLCJleHAiOjE1NzkyNzI3NDEsImF1dGhvcml0aWVzIjpbIlJPTEVfQURNSU4iXSwianRpIjoiOWUzYzQ2YTQtMDJiZi00MTgwLTg1ZTktMGJhOTM0MjBhYjg4IiwiY2xpZW50X2lkIjoiZmlyc3QtY2xpZW50In0.xdWGm420tvp2Rzq0AyCgOTcDuKvP-V6JFd76KmJJf7o, token_type=bearer, refresh_token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsib2F1dGgyLXJlc291cmNlIl0sInVzZXJfbmFtZSI6ImRnIiwic2NvcGUiOlsiY3VzdG9tX21vZCJdLCJhdGkiOiI5ZTNjNDZhNC0wMmJmLTQxODAtODVlOS0wYmE5MzQyMGFiODgiLCJleHAiOjE1NzkyNzI3NTEsImF1dGhvcml0aWVzIjpbIlJPTEVfQURNSU4iXSwianRpIjoiYzEyNWExM2ItMmMzYS00ZGM0LWJjODgtZDc4ZDk1ZTljNzQ5IiwiY2xpZW50X2lkIjoiZmlyc3QtY2xpZW50In0.KhRIy7wOH2IsswDZ_AIXVFdtu6JZqtiLBZGZIypeNRw, expires_in=9, scope=custom_mod, jti=9e3c46a4-02bf-4180-85e9-0ba93420ab88}]

When I decode the access token JWT, this is the result.

{
  "aud": [
    "oauth2-resource"
  ],
  "user_name": "dg",
  "scope": [
    "custom_mod"
  ],
  "exp": 1579272741,
  "authorities": [
    "ROLE_ADMIN"
  ],
  "jti": "9e3c46a4-02bf-4180-85e9-0ba93420ab88",
  "client_id": "first-client"
}

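I think I am missing some part that has to be implemented in the gateway server or in the OAuth server, but I cannot find it. Because when I tried using Okta instead of my custom auth server, there was no error.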

My auth server configuration:

@Configuration
public class AuthServerConfig extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private TokenStore tokenStore;

    @Autowired
    private JwtAccessTokenConverter accessTokenConverter;

    @Bean
    public TokenStore tokenStore() {
        return new InMemoryTokenStore();
    }

    @Bean
    public JwtAccessTokenConverter accessTokenConverter() {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        converter.setSigningKey("private");
        return converter;
    }

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints.tokenStore(tokenStore)
                .authenticationManager(authenticationManager)
                .accessTokenConverter(accessTokenConverter);
    }

    @Override
    public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
        oauthServer.tokenKeyAccess("permitAll()").checkTokenAccess("permitAll()").allowFormAuthenticationForClients();
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory().withClient("first-client").secret("{noop}noonewilleverguess")
                .authorizedGrantTypes("client_credentials", "password", "authorization_code", "refresh_token")
                .scopes("custom_mod").resourceIds("oauth2-resource")
                .accessTokenValiditySeconds(100)
                .refreshTokenValiditySeconds(2220)
                .autoApprove(true)
                .redirectUris("http://localhost:8081/login/oauth2/code/gateway");
    }

}

Auth server Spring Security configuration

@EnableWebSecurity
@Order(1)
public class MySecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication().withUser("dg").password("{noop}dg").roles("ADMIN");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.cors().and().csrf().disable().
                authorizeRequests().antMatchers("/**").permitAll()
                .and().formLogin().permitAll().and().httpBasic();
    }

}

My gateway server configuration

@EnableWebFluxSecurity
public class MySecurityConfiguration {

    @Bean
    public SecurityWebFilterChain securitygWebFilterChain(ServerHttpSecurity http) {
        return http.authorizeExchange().anyExchange().authenticated().and().
                oauth2Login().and().build();
    }

}

Gateway application.yml

spring:
  cloud:
    gateway:
      routes:
      - id: mod_route
        predicates:
          - Path=/deneme-gw-mod/**
        filters:
          - RewritePath=/deneme-gw-mod/(?<segment>.*), /resource/$\{segment}
          # - TokenRelay=
          # Include OAuth access tokens to the downstream request
        uri: "lb://deneme-ms-resource-server"

Gateway application.properties

server.port=8081
eureka.client.serviceUrl.defaultZone = http://localhost:8010/eureka
spring.application.name=deneme-api-gateway
spring.cloud.gateway.discovery.locator.enabled=true
spring.cloud.gateway.discovery.locator.lower-case-service-id=true

spring.security.oauth2.client.registration.gateway.client-id=first-client
spring.security.oauth2.client.registration.gateway.client-secret=noonewilleverguess
spring.security.oauth2.client.registration.gateway.authorization-grant-type=authorization_code
spring.security.oauth2.client.registration.gateway.redirect-uri={baseUrl}/login/oauth2/code/{registrationId}

spring.security.oauth2.client.provider.gateway.authorization-uri=http://localhost:8094/oauth/authorize
spring.security.oauth2.client.provider.gateway.token-uri=http://localhost:8094/oauth/token?scope=custom_mod
spring.security.oauth2.client.provider.gateway.user-info-uri=http://localhost:8094/userinfo
spring.security.oauth2.client.provider.gateway.user-name-attribute=name

logging.level.root=trace

Here is the error message on the screen:

Fri Jan 17 17:28:11 EET 2020 [83c168ec] There was an unexpected error (type=Internal Server Error, status=500). No provider found for class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken

Here is the console error message:

2020-01-17 17:40:27.204 ERROR 7180 --- [ctor-http-nio-2] a.w.r.e.AbstractErrorWebExceptionHandler : [93951d85] 500 Server Error for HTTP GET "/login/oauth2/code/gateway?code=n35lEN&state=fZ94ZsZySnUwaG1vS32cX4sXU9KJ6aRm58twQMrR9sQ%3D"

java.lang.IllegalStateException: No provider found for class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken
    at org.springframework.security.web.server.authentication.AuthenticationWebFilter.lambda$authenticate$5(AuthenticationWebFilter.java:118) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
    Suppressed: reactor.core.publisher.FluxOnAssembly$OnAssemblyException:
Error has been observed at the following site(s):
    |_ checkpoint ⇢ org.springframework.security.oauth2.client.web.server.authentication.OAuth2LoginAuthenticationWebFilter [DefaultWebFilterChain]
    |_ checkpoint ⇢ org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationRequestRedirectWebFilter [DefaultWebFilterChain]
    |_ checkpoint ⇢ org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationRequestRedirectWebFilter [DefaultWebFilterChain]
    |_ checkpoint ⇢ org.springframework.security.web.server.context.ReactorContextWebFilter [DefaultWebFilterChain]
    |_ checkpoint ⇢ org.springframework.security.web.server.csrf.CsrfWebFilter [DefaultWebFilterChain]
    |_ checkpoint ⇢ org.springframework.security.web.server.header.HttpHeaderWriterWebFilter [DefaultWebFilterChain]
    |_ checkpoint ⇢ org.springframework.security.config.web.server.ServerHttpSecurity$ServerWebExchangeReactorContextWebFilter [DefaultWebFilterChain]
    |_ checkpoint ⇢ org.springframework.security.web.server.WebFilterChainProxy [DefaultWebFilterChain]
    |_ checkpoint ⇢ HTTP GET "/login/oauth2/code/gateway?code=n35lEN&state=fZ94ZsZySnUwaG1vS32cX4sXU9KJ6aRm58twQMrR9sQ%3D" [ExceptionHandlingWebHandler]
Stack trace:
        at org.springframework.security.web.server.authentication.AuthenticationWebFilter.lambda$authenticate$5(AuthenticationWebFilter.java:118) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
        at reactor.core.publisher.MonoDefer.subscribe(MonoDefer.java:44) ~[reactor-core-3.3.1.RELEASE.jar:3.3.1.RELEASE]
        at reactor.core.publisher.Mono.subscribe(Mono.java:4105) ~[reactor-core-3.3.1.RELEASE.jar:3.3.1.RELEASE]
        at reactor.core.publisher.FluxSwitchIfEmpty$SwitchIfEmptySubscriber.onComplete(FluxSwitchIfEmpty.java:75) ~[reactor-core-3.3.1.RELEASE.jar:3.3.1.RELEASE]

The full code is available in the repository https://github.com/dgempiuc/api-gw-oauth2.

spring-cloud spring-oauth2 spring-cloud-gateway
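
Added example, not part of the original question or its repository: with `logging.level.root=trace`, the gateway writes the whole token response into its log, as the Jackson2JsonDecoder line in the question shows. This sketch masks bearer-credential fields in log lines of that shape (map form and JSON form) and reports which lines contained them; the sample lines, token values and function names are constructed for illustration.

```python
import re

# Fields whose values are usable credentials in an OAuth2 token exchange.
SENSITIVE_FIELDS = ("access_token", "refresh_token", "id_token", "client_secret")

# Matches `field=value` (Map.toString form, as in the Jackson2JsonDecoder trace
# line) and `"field": "value"` (JSON form). The value ends at whitespace or at
# one of , } ] " & so neighbouring fields such as token_type stay readable.
_PATTERN = re.compile(
    r'(?P<key>"?\b(?:%s)"?\s*[=:]\s*"?)(?P<value>[^\s,}\]"&]+)'
    % "|".join(SENSITIVE_FIELDS)
)

def redact_line(line, keep=4):
    """Return (redacted_line, names_of_fields_that_were_masked)."""
    found = []

    def _mask(match):
        found.append(match.group("key").strip(' "=:'))
        value = match.group("value")
        # Keep a short prefix so operators can still correlate log entries.
        return f"{match.group('key')}{value[:keep]}...[redacted {len(value)} chars]"

    return _PATTERN.sub(_mask, line), found

def scan(lines):
    """Map 1-based line numbers to the sensitive fields found on that line."""
    report = {}
    for number, line in enumerate(lines, start=1):
        _, found = redact_line(line)
        if found:
            report[number] = found
    return report

# Constructed sample lines modelled on the log format shown in the question.
SAMPLE_LINES = [
    "2020-01-17 17:52:11.825 TRACE 11336 --- [ctor-http-nio-4] "
    "o.s.http.codec.json.Jackson2JsonDecoder : [21762c89] Decoded "
    "[{access_token=aaaa.bbbb.cccc, token_type=bearer, "
    "refresh_token=dddd.eeee.ffff, expires_in=9, scope=custom_mod}]",
    '2020-01-17 17:52:11.900 DEBUG 11336 --- [ctor-http-nio-4] demo : '
    '{"access_token": "gggg.hhhh.iiii", "token_type": "bearer"}',
    "2020-01-17 17:52:12.000 INFO 11336 --- [main] demo : Started gateway",
]

if __name__ == "__main__":
    for sample in SAMPLE_LINES:
        print(redact_line(sample)[0])
    print(scan(SAMPLE_LINES))
```
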
1 answer
0
votes

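It already worked successfully with UAA (Cloud Foundry) and Okta, so I debugged to find the difference between those servers and mine, and traced which requests occur in the gateway: /oauth/authorization, /oauth/token, /oauth/check_token and /userinfo. But when I used my server, there was no request to /oauth/check_token. This means the gateway cannot validate the token, so this error occurs and gives "No provider found ...". Because of the security configuration, the gateway cannot access the authorization check_token URL.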

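I changed the security configuration in the authorization server to permit URLs starting with "/oauth", and it finally works as expected. (Actually, I had written "oauthServer.tokenKeyAccess("permitAll()").checkTokenAccess("permitAll()").allowFormAuthenticationForClients();" in the authorization server configuration. I thought the /oauth URLs must be public, but they are not, for a reason I don't know.)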

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.requestMatchers().antMatchers("/login", "/oauth/**")
            .and().authorizeRequests().anyRequest().authenticated()
            .and().formLogin().permitAll();
}