OAuth(开放授权)是一种开放式协议框架,允许以简单和标准化的方式为桌面,移动和Web应用程序提供安全的API授权。 OAuth 2.0是OAuth协议的第二个版本。
NextJs:在令牌交换请求中获取 eBay OAuth 访问令牌时出错
我正在努力将 eBay OAuth 集成到我的应用程序中以进行用户身份验证。我已成功导航 OAuth 流程的第一部分,在用户之后从 eBay 获取授权码
Google OAuth 同意窗口是否可以让用户通过复选框选择他们想要的权限?
目前,在我正在开展的一个项目中,我们使用 Google Workspace 作为内部应用。我们希望访问某些用户的电子邮件,但不是全部。我们调查了为某些用户省略一些范围的问题,但是
我正在尝试创建一个将数据发送到ABP框架API的Windows服务。 我了解到,要访问 API,您需要登录。 在 ABP 框架中,授权是使用 OAut 进行的...
我正在使用oauth创建一个Spring boot应用程序,现在我可以登录github,但我想要一个基于角色的应用程序,所以有些路由只能由role_admin访问,而...
我正在使用 C# 在我的应用程序中实现 youtube 登录,我想知道为什么每当我请求访问令牌时它都会不断返回“错误请求”消息 我有客户端 ID、客户端密码,
我能够完成身份验证流程来获取用户的凭据 - 但是,我想确保我可以继续使用这些凭据而不会过期。我完全了解代币规则
如果您尝试进行非本地身份验证,则使用 python 上传视频的官方 YouTube 文档已损坏。已弃用的 oauthlib2 使用出界“流”/
根据 OpenAPI 定义在 Swagger UI 中使用 PKCE 进行授权代码流
我正在为单页应用程序 (SPA) 构建 Web API,其中用户使用带有 PKCE 的授权代码流通过第三方授权服务器进行身份验证。该 API 已记录在案...
我正在构建一个服务提供商应用程序,用户应该能够使用 OAuth2 和 OpenID Connect 与第三方应用程序共享数据。 标准 OAuth2 同意流程
来自 azure adb2c 自定义策略 oauth2 的“收到无效的 OAuth 响应”
我正在通过执行 oauth2 流程的 ADB2C 自定义策略来实现 SSO。 我获得了身份验证代码,但是当我去获取访问令牌时,我收到“收到无效的 OAuth 响应”,其中包含 null
我是 UPS API 的新手。 我有 4 个不同的应用程序来处理 UPS 相关任务 1)UPSRating 2)UPSQuantumView 3)UPSShipping 4)UPSTracking 对于常用方法,我有一个应用程序,“UPSCommon”,...
无法在使用 Forgerock 作为 keyManager 的 WSO2 APIM 中添加密码授予
我已将 forgerock AM 添加为 WSO2 API 管理器的密钥管理器,并使用客户端凭据对密钥进行分类。但是当我创建一个新的领域,其中授予类型为“密码”的 oauth 提供者时,我...
我正在我的博客应用程序上实现谷歌身份验证,该应用程序正在反应。 我点击此 URL 来调用 google 身份验证,我的回调 URL 是 /api/auth/google/callback。 然而,我...
我正在开发一个与 Google 服务(例如 Gmail 和 Google Drive)通信的网络应用程序。因此,我在我的 Google Workspace 组织中创建了 OAuth 2.0 应用程序。它需要部分...
drf-social-oauth2:request.user 是 AnonymousUser
我正在尝试使用 drf-social-oauth2 进行身份验证和授权。我使用上面链接的文档进行了设置。但缺少文档。我找不到如何更改 ce...
获取OAuth2刷新令牌以访问ReactJs项目中的Google服务
我正在处理以下问题。 我有一个 ReactJs 项目,它运行到 Google AppEngine 中。 我有一个类允许系统访问Google服务(例如BigQuery,Drive,GMail...)...
java.lang.IllegalArgumentException:无法使用提供的颁发者解析配置
我正在尝试使用 Spring Boot 作为资源服务器和 Keycloak 作为授权服务器来制作一个工作演示。以下是项目代码片段: pom.xml ... 我正在尝试使用 Spring Boot 作为资源服务器和 Keycloak 作为授权服务器来制作一个工作演示。这是项目代码片段: pom.xml ... <parent> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-parent</artifactId> <version>2.7.3</version> <relativePath/> <!-- lookup parent from repository --> </parent> <properties> <java.version>11</java.version> </properties> <dependencies> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-oauth2-resource-server</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-test</artifactId> <scope>test</scope> </dependency> </dependencies> ... 应用程序.java @SpringBootApplication public class App { public static void main(String[] args) { SpringApplication.run(App.class, args); } } AppRestController.java @RestController public class AppRestController { @GetMapping("/authenticated") @PreAuthorize("isAuthenticated()") public String authenticated() { return "authenticated"; } @GetMapping("/permitAll") @PreAuthorize("permitAll") public String permitAll() { return "permitAll"; } @GetMapping("/support") @PreAuthorize("hasRole('support')") public String support() { return "support"; } } 应用程序.属性 spring.security.oauth2.resourceserver.jwt.issuer-uri=http://localhost:8083/realms/realm_1/.well-known/openid-configuration 我在端口 8083 上运行 Keycloak。对 http://localhost:8083/realms/realm_1/.well-known/openid-configuration 的获取请求返回以下响应: { "issuer": "http://localhost:8083/realms/realm_1", "authorization_endpoint": "http://localhost:8083/realms/realm_1/protocol/openid-connect/auth", "token_endpoint": "http://localhost:8083/realms/realm_1/protocol/openid-connect/token", "introspection_endpoint": "http://localhost:8083/realms/realm_1/protocol/openid-connect/token/introspect", "userinfo_endpoint": "http://localhost:8083/realms/realm_1/protocol/openid-connect/userinfo", "end_session_endpoint": "http://localhost:8083/realms/realm_1/protocol/openid-connect/logout", "frontchannel_logout_session_supported": true, "frontchannel_logout_supported": true, "jwks_uri": "http://localhost:8083/realms/realm_1/protocol/openid-connect/certs", "check_session_iframe": "http://localhost:8083/realms/realm_1/protocol/openid-connect/login-status-iframe.html", "grant_types_supported": [ "authorization_code", "implicit", "refresh_token", "password", "client_credentials", "urn:ietf:params:oauth:grant-type:device_code", "urn:openid:params:grant-type:ciba" ], "acr_values_supported": [ "0", "1" ], "response_types_supported": [ "code", "none", "id_token", "token", "id_token token", "code id_token", "code token", "code id_token token" ], "subject_types_supported": [ "public", "pairwise" ], "id_token_signing_alg_values_supported": [ "PS384", "ES384", "RS384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512", "PS256", "PS512", "RS512" ], "id_token_encryption_alg_values_supported": [ "RSA-OAEP", "RSA-OAEP-256", "RSA1_5" ], "id_token_encryption_enc_values_supported": [ "A256GCM", "A192GCM", "A128GCM", "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512" ], "userinfo_signing_alg_values_supported": [ "PS384", "ES384", "RS384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512", "PS256", "PS512", "RS512", "none" ], "userinfo_encryption_alg_values_supported": [ "RSA-OAEP", "RSA-OAEP-256", "RSA1_5" ], "userinfo_encryption_enc_values_supported": [ "A256GCM", "A192GCM", "A128GCM", "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512" ], "request_object_signing_alg_values_supported": [ "PS384", "ES384", "RS384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512", "PS256", "PS512", "RS512", "none" ], "request_object_encryption_alg_values_supported": [ "RSA-OAEP", "RSA-OAEP-256", "RSA1_5" ], "request_object_encryption_enc_values_supported": [ "A256GCM", "A192GCM", "A128GCM", "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512" ], "response_modes_supported": [ "query", "fragment", "form_post", "query.jwt", "fragment.jwt", "form_post.jwt", "jwt" ], "registration_endpoint": "http://localhost:8083/realms/realm_1/clients-registrations/openid-connect", "token_endpoint_auth_methods_supported": [ "private_key_jwt", "client_secret_basic", "client_secret_post", "tls_client_auth", "client_secret_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "PS384", "ES384", "RS384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512", "PS256", "PS512", "RS512" ], "introspection_endpoint_auth_methods_supported": [ "private_key_jwt", "client_secret_basic", "client_secret_post", "tls_client_auth", "client_secret_jwt" ], "introspection_endpoint_auth_signing_alg_values_supported": [ "PS384", "ES384", "RS384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512", "PS256", "PS512", "RS512" ], "authorization_signing_alg_values_supported": [ "PS384", "ES384", "RS384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512", "PS256", "PS512", "RS512" ], "authorization_encryption_alg_values_supported": [ "RSA-OAEP", "RSA-OAEP-256", "RSA1_5" ], "authorization_encryption_enc_values_supported": [ "A256GCM", "A192GCM", "A128GCM", "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512" ], "claims_supported": [ "aud", "sub", "iss", "auth_time", "name", "given_name", "family_name", "preferred_username", "email", "acr" ], "claim_types_supported": [ "normal" ], "claims_parameter_supported": true, "scopes_supported": [ "openid", "roles", "microprofile-jwt", "offline_access", "address", "web-origins", "acr", "phone", "profile", "email" ], "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": true, "code_challenge_methods_supported": [ "plain", "S256" ], "tls_client_certificate_bound_access_tokens": true, "revocation_endpoint": "http://localhost:8083/realms/realm_1/protocol/openid-connect/revoke", "revocation_endpoint_auth_methods_supported": [ "private_key_jwt", "client_secret_basic", "client_secret_post", "tls_client_auth", "client_secret_jwt" ], "revocation_endpoint_auth_signing_alg_values_supported": [ "PS384", "ES384", "RS384", "HS256", "HS512", "ES256", "RS256", "HS384", "ES512", "PS256", "PS512", "RS512" ], "backchannel_logout_supported": true, "backchannel_logout_session_supported": true, "device_authorization_endpoint": "http://localhost:8083/realms/realm_1/protocol/openid-connect/auth/device", "backchannel_token_delivery_modes_supported": [ "poll", "ping" ], "backchannel_authentication_endpoint": "http://localhost:8083/realms/realm_1/protocol/openid-connect/ext/ciba/auth", "backchannel_authentication_request_signing_alg_values_supported": [ "PS384", "ES384", "RS384", "ES256", "RS256", "ES512", "PS256", "PS512", "RS512" ], "require_pushed_authorization_requests": false, "pushed_authorization_request_endpoint": "http://localhost:8083/realms/realm_1/protocol/openid-connect/ext/par/request", "mtls_endpoint_aliases": { "token_endpoint": "http://localhost:8083/realms/realm_1/protocol/openid-connect/token", "revocation_endpoint": "http://localhost:8083/realms/realm_1/protocol/openid-connect/revoke", "introspection_endpoint": "http://localhost:8083/realms/realm_1/protocol/openid-connect/token/introspect", "device_authorization_endpoint": "http://localhost:8083/realms/realm_1/protocol/openid-connect/auth/device", "registration_endpoint": "http://localhost:8083/realms/realm_1/clients-registrations/openid-connect", "userinfo_endpoint": "http://localhost:8083/realms/realm_1/protocol/openid-connect/userinfo", "pushed_authorization_request_endpoint": "http://localhost:8083/realms/realm_1/protocol/openid-connect/ext/par/request", "backchannel_authentication_endpoint": "http://localhost:8083/realms/realm_1/protocol/openid-connect/ext/ciba/auth" } } 为了获取访问令牌,我使用密码 grand 类型向 http://localhost:8083/realms/realm_1/protocol/openid-connect/token 发送一个发布请求,并得到以下响应: { "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJuLXRnUjJJUDdfamp6TXhqbU40XzdBSS1Temx4Yk14d3lyamtueGd0bHVzIn0.eyJleHAiOjE2NjM4NDM3NDYsImlhdCI6MTY2Mzg0MzQ0NiwianRpIjoiYzUyMDk5MjEtMDhlYy00ZDZiLThkYzEtNWJjYjg5MDU5MjU2IiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgzL3JlYWxtcy9yZWFsbV8xIiwiYXVkIjoiYWNjb3VudCIsInN1YiI6IjAyOTI0YjQ0LTRmZTEtNDY0Zi05M2JiLWNhNzM5MmU0YzQ5OCIsInR5cCI6IkJlYXJlciIsImF6cCI6ImNsaWVudC0xIiwic2Vzc2lvbl9zdGF0ZSI6IjBjYWQ2NmE4LWM0NjUtNGNjZS1hYzIxLTc3YTM0MWI1ZWEzMyIsImFjciI6IjEiLCJyZWFsbV9hY2Nlc3MiOnsicm9sZXMiOlsib2ZmbGluZV9hY2Nlc3MiLCJ1bWFfYXV0aG9yaXphdGlvbiIsInVzZXIiLCJkZWZhdWx0LXJvbGVzLXJlYWxtXzEiXX0sInJlc291cmNlX2FjY2VzcyI6eyJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6InByb2ZpbGUgZW1haWwiLCJzaWQiOiIwY2FkNjZhOC1jNDY1LTRjY2UtYWMyMS03N2EzNDFiNWVhMzMiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwibmFtZSI6InVzZXIxIGZpcnN0IG5hbWUgdXNlcjEgbGFzdCBuYW1lIiwicHJlZmVycmVkX3VzZXJuYW1lIjoidXNlcjEiLCJnaXZlbl9uYW1lIjoidXNlcjEgZmlyc3QgbmFtZSIsImZhbWlseV9uYW1lIjoidXNlcjEgbGFzdCBuYW1lIiwiZW1haWwiOiJ1c2VyMUBtYWlsLmNvbSJ9.CZZx5tmI80qD84qg_cNjwxE13G6U_q5bm1gFFyvDAb0AZsQpckt83Vp7CyhAy40U7nHnOLaSnoVE3VbJQ65hbKLQiXqNs65GKVEaX0iBDNHGJz1WkWDtC8lox55fbgDaePNE7TGwDx15lIMkBHEdXBrMvl1Cm51Npi7nzsqmu2KdybwvnmVxcFJye3Y_OvbfRgEh2QQP4QrnIl2Qb6BuGcja3FY4SqIVEtMr-ZfXHxi3v9Az3NFWLPKPcGiQmLTVp2tYvAWsVvUWV6tomFGFFKtfaLNyXAk1ztGphPrckkGzIi_T_xKIEh56zD_egURKx0ZiDsTxgzJToRdJt6XIlw", "expires_in": 299, "refresh_expires_in": 1799, "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJhOWFkOTRlMy02ODIzLTQ0MzMtOWYyZC0xMzYzNTA3OTRhMGIifQ.eyJleHAiOjE2NjM4NDUyNDYsImlhdCI6MTY2Mzg0MzQ0NiwianRpIjoiNDc2Y2M0ZWMtYmMwYS00OTUxLTlkMmItMTk1ZmUzMGQyMzZmIiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgzL3JlYWxtcy9yZWFsbV8xIiwiYXVkIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgzL3JlYWxtcy9yZWFsbV8xIiwic3ViIjoiMDI5MjRiNDQtNGZlMS00NjRmLTkzYmItY2E3MzkyZTRjNDk4IiwidHlwIjoiUmVmcmVzaCIsImF6cCI6ImNsaWVudC0xIiwic2Vzc2lvbl9zdGF0ZSI6IjBjYWQ2NmE4LWM0NjUtNGNjZS1hYzIxLTc3YTM0MWI1ZWEzMyIsInNjb3BlIjoicHJvZmlsZSBlbWFpbCIsInNpZCI6IjBjYWQ2NmE4LWM0NjUtNGNjZS1hYzIxLTc3YTM0MWI1ZWEzMyJ9.5Kb2XldpwkEKnGC9baRMDdRDLjid-SpZ1NlnZjse9OE", "token_type": "Bearer", "not-before-policy": 0, "session_state": "0cad66a8-c465-4cce-ac21-77a341b5ea33", "scope": "profile email" } 然后,我将 get 请求发送到 http://localhost:8080/permitAll 并获取 401 响应状态和日志中的以下堆栈跟踪: org.springframework.security.oauth2.jwt.JwtDecoderInitializationException: Failed to lazily resolve the supplied JwtDecoder instance at org.springframework.security.oauth2.jwt.SupplierJwtDecoder.wrapException(SupplierJwtDecoder.java:58) ~[spring-security-oauth2-jose-5.7.3.jar:5.7.3] at org.springframework.security.oauth2.jwt.SupplierJwtDecoder.decode(SupplierJwtDecoder.java:49) ~[spring-security-oauth2-jose-5.7.3.jar:5.7.3] at org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationProvider.getJwt(JwtAuthenticationProvider.java:97) ~[spring-security-oauth2-resource-server-5.7.3.jar:5.7.3] at org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationProvider.authenticate(JwtAuthenticationProvider.java:88) ~[spring-security-oauth2-resource-server-5.7.3.jar:5.7.3] at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:182) ~[spring-security-core-5.7.3.jar:5.7.3] at org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationFilter.doFilterInternal(BearerTokenAuthenticationFilter.java:134) ~[spring-security-oauth2-resource-server-5.7.3.jar:5.7.3] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.22.jar:5.3.22] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:346) ~[spring-security-web-5.7.3.jar:5.7.3] at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:103) ~[spring-security-web-5.7.3.jar:5.7.3] at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:89) ~[spring-security-web-5.7.3.jar:5.7.3] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:346) ~[spring-security-web-5.7.3.jar:5.7.3] at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:117) ~[spring-security-web-5.7.3.jar:5.7.3] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.22.jar:5.3.22] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:346) ~[spring-security-web-5.7.3.jar:5.7.3] at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90) ~[spring-security-web-5.7.3.jar:5.7.3] at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75) ~[spring-security-web-5.7.3.jar:5.7.3] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.22.jar:5.3.22] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:346) ~[spring-security-web-5.7.3.jar:5.7.3] at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:112) ~[spring-security-web-5.7.3.jar:5.7.3] at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:82) ~[spring-security-web-5.7.3.jar:5.7.3] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:346) ~[spring-security-web-5.7.3.jar:5.7.3] at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:55) ~[spring-security-web-5.7.3.jar:5.7.3] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.22.jar:5.3.22] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:346) ~[spring-security-web-5.7.3.jar:5.7.3] at org.springframework.security.web.session.DisableEncodeUrlFilter.doFilterInternal(DisableEncodeUrlFilter.java:42) ~[spring-security-web-5.7.3.jar:5.7.3] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.22.jar:5.3.22] at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:346) ~[spring-security-web-5.7.3.jar:5.7.3] at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:221) ~[spring-security-web-5.7.3.jar:5.7.3] at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:186) ~[spring-security-web-5.7.3.jar:5.7.3] at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:354) ~[spring-web-5.3.22.jar:5.3.22] at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267) ~[spring-web-5.3.22.jar:5.3.22] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-5.3.22.jar:5.3.22] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.22.jar:5.3.22] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) ~[spring-web-5.3.22.jar:5.3.22] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.22.jar:5.3.22] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) ~[spring-web-5.3.22.jar:5.3.22] at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.22.jar:5.3.22] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:360) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:399) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:890) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1789) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-embed-core-9.0.65.jar:9.0.65] at java.base/java.lang.Thread.run(Thread.java:834) ~[na:na] Caused by: java.lang.IllegalArgumentException: Unable to resolve the Configuration with the provided Issuer of "http://localhost:8083/realms/realm_1/.well-known/openid-configuration" at org.springframework.security.oauth2.jwt.JwtDecoderProviderConfigurationUtils.getConfiguration(JwtDecoderProviderConfigurationUtils.java:166) ~[spring-security-oauth2-jose-5.7.3.jar:5.7.3] at org.springframework.security.oauth2.jwt.JwtDecoderProviderConfigurationUtils.getConfigurationForIssuerLocation(JwtDecoderProviderConfigurationUtils.java:79) ~[spring-security-oauth2-jose-5.7.3.jar:5.7.3] at org.springframework.security.oauth2.jwt.JwtDecoders.fromIssuerLocation(JwtDecoders.java:93) ~[spring-security-oauth2-jose-5.7.3.jar:5.7.3] at org.springframework.boot.autoconfigure.security.oauth2.resource.servlet.OAuth2ResourceServerJwtConfiguration$JwtDecoderConfiguration.lambda$jwtDecoderByIssuerUri$3(OAuth2ResourceServerJwtConfiguration.java:141) ~[spring-boot-autoconfigure-2.7.3.jar:2.7.3] at org.springframework.security.oauth2.jwt.SupplierJwtDecoder.decode(SupplierJwtDecoder.java:46) ~[spring-security-oauth2-jose-5.7.3.jar:5.7.3] ... 59 common frames omitted 我在 Spring Boot 2.7.2 和 Keycloak 服务器版本 16.1.1 上遇到了同样的问题(通过 docker-compose jboss/keycloak 运行) 就我而言,此 URI 不起作用: spring.security.oauth2.resourceserver.jwt.issuer-uri=http://localhost:8083/realms/realm_1 但是当我在“/realms”应用程序成功启动之前添加“auth”时: spring.security.oauth2.resourceserver.jwt.issuer-uri=http://localhost:8083/auth/realms/realm_1 应该就是这个 application.properties spring.security.oauth2.resourceserver.jwt.issuer-uri=http://localhost:8083/realms/realm_1 发行者应与 Keycloak 配置 URL 中的发行者匹配。 我使用 spring 3 也遇到同样的错误。 我检测到 spring 在请求发布 url 时收到 404 错误。但是当我在浏览器中发出相同的请求时,它会起作用。
我觉得这可能是一个愚蠢的问题,但我找不到任何人能准确地拼写出来。 我正在开发第三方集成,并使用 OAuth 2.0 授权与 PKCE 来实现
Swagger 授权时产生“Auth ErrorTypeError: Failed to fetch”
我结合Joseph的博客大致关注了Scott的博客。不幸的是,我收到错误 Auth ErrorTypeError:无法获取。 授权的配置是这样的({tenantId}是一个