春季安全性:OAuth在获取访问令牌之前陷入了重定向循环,但初始页面旁的页面均未受到保护

分类:编程问答

如何解决春季安全性:OAuth在获取访问令牌之前陷入了重定向循环,但初始页面旁的页面均未受到保护

我有一个与React捆绑在一起的Spring Boot应用程序。

React是一个单页应用程序,位于http:// localhost:8080 /。它将进行任何页面更改并更新本地浏览器URL,以使其看起来像已更改为新页面,但是,它实际上仍然位于根位置。例如,单击“管理仪表板”将更新浏览器URL,使其显示为“ http:// localhost:8080 / admin”,但它仍将显示在主页上(对任何过度解释表示歉意)。

但是,如果用户单击刷新,浏览器将向服务器询问/ admin,但实际上不存在。要解决此问题,我将任何404错误重定向回根URL (http:// localhost:8080 /),React将智能地显示“管理”页面,因此它看起来不仅仅是一个单页面的应用程序。

这很好,但是我当前的问题是我正在尝试更改安全性,以便我的应用程序成为 OAuth 1.0a (生产者是仅支持1.0a的较早应用程序)并根据第三方OAuth Producer应用程序对用户进行身份验证,如果凭据成功通过身份验证,则凭据将被重定向回我的应用程序,并可以继续访问我的应用程序受保护的资源(但是,请问我是否对此工作有错误的期望)。

问题:该应用程序将请求重定向到第三方应用程序,我可以正常登录。但是,我陷入了OAuth循环,并因ERR_TOO_MANY_REDIRECTS而超时。我认为它停留在步骤3中,在该步骤中将其重定向到应用程序,然后应用程序应交换访问令牌的详细信息。我认为处理第3步的所有内容都被视为受保护的资源,因此它会不断重播OAuth流,但不确定。但这是没有意义的,因为除授权资源(/ static / testing / **-这是该目录中唯一的东西-更改了它,以便我可以更确定地布局)之外,所有请求都被允许。我需要使用自己的代码来处理最后一步吗?

这是页面超时并显示ERR_TOO_MANY_REDIRECTS时的最终URL。它具有许多新的?oauth_token =&oauth_verifier =实例。每个键都有不同的键,因此似乎碰到了一些东西,阻止了它完成OAuth流程,并从头开始不断重复这些步骤,但卡在了同一位置。

http://localhost:8080/static/testing/index.html?oauth_token=b20eecd7a7994a62b751b43458049302&oauth_verifier=c03877ca49be497fb7f2e803e97e8137&oauth_token=25097eab2e3b4b97bf6cbb5a112bb4a8&oauth_verifier=74877789499242f18a9b4d01ee9fea44&oauth_token=6d3136579d234b1c8d21c5f1aabe43a1&oauth_verifier=fe51e99d83954f928b598923ff10fc44&oauth_token=dcb33bce0d8b40d89ae09429adc0fd73&oauth_verifier=4df25da7f1b1403880dce4f7d36b25a5&oauth_token=e9cb8a40323448bbad391df137b7e81d&oauth_verifier=885aa185049f426895529885f34f85c6&oauth_token=bcbe5012553e405c8b6699907fd78256&oauth_verifier=ee9c69c3d1df433289562008b5483810&oauth_token=d7fb00125b664bff820488dc4bc1852d&oauth_verifier=b0c7dee12f4647f2821860170b1c6c42&oauth_token=fbb0f9a6075345c6b1e2c1f11fc874a6&oauth_verifier=f30761f460134103a132c60803145358&oauth_token=ff5da5a77b2e4599b3b3465b48668504&oauth_verifier=a9fe7da1abb1460a8836896aaa442cc9&oauth_token=726ea4b12fd8445bb2cb5e1de10fd94b&oauth_verifier=8d8653ea2dbe4547a0401c6b8524638b&oauth_token=6b8e507ce3254f79b8ce6d98c9ec6784&oauth_verifier=491e101a3cc04c01b16e8834711a0ac8&oauth_token=792be2983ca1496a9ec0f7384eae6316&oauth_verifier=db916051bff443ceacd1b59d2d87cdb8&oauth_token=98f1d137d7144e568f96b7b21df0679c&oauth_verifier=06c3c963161d4fcd966573db262d021c&oauth_token=74ef3c374186405a93a507ebfd7779f0&oauth_verifier=9e492fcf456d4c4e80cb21ed5ec9c6e5&oauth_token=6d609503d8c64cca993ab9298a85054e&oauth_verifier=41e4aca57f184c7b88f4d82820c1f5ab&oauth_token=0f32bfceaa474bff91a88dafe4da9d66&oauth_verifier=59a67e101fe64ee7ba7531d8cb7f65af&oauth_token=af4065dac8184b748d8719cc2f2d429d&oauth_verifier=20d0ffee40214635a12f987b7d338053&oauth_token=718f65634195446c831b8acc9d9ddc81&oauth_verifier=3e6b0ac42028403abf0ed77d0b205fe7&oauth_token=6ce3d8e1460748ccb6a5a151cc467d40&oauth_verifier=dd5173ad4fab491aab50a66047329dfa

注意:这是我的应用程序中的重定向(不直接相关,但可能希望提供上下文)

重定向: 

*RedirectController*: /private to /  <-- was used in the original login implementation
*NotFoundHandler*: 404 to /static/index.html
*WebSocketConfig*: Registered at /ws
 
*NotFoundHandler Source Code*: (and we removed application.getSources().remove(ErrorPageFilter.class) from ApplicationContext)

@ControllerAdvice
public class NotFoundHandler {

    @ExceptionHandler(NoHandlerFoundException.class)
    public ResponseEntity<String> renderDefaultPage() {
        try {
            InputStream inputStream = new ClassPathResource("/static/index.html").getInputStream();
            String body = StreamUtils.copyToString(inputStream,Charset.defaultCharset());
            return ResponseEntity.ok().contentType(MediaType.TEXT_HTML).body(body);
        } catch (IOException e) {
            e.printStackTrace();
            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body("There was an error completing the action.");
        }
    }
}

OAuth配置: 注意:除一个目录(/ static / testing / )外,我已允许所有未经身份验证(/ )的请求-至少这是我的意图。

@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        // permit all requests (except the /static/testing/** which is called out further down)
        http.authorizeRequests().antMatchers("/**").permitAll();

        http.addFilterAfter(this.oauthConsumerContextFilter(),SwitchUserFilter.class);
        http.addFilterAfter(this.oauthConsumerProcessingFilter(),OAuthConsumerContextFilter.class);
    }

    // IMPORTANT: this must not be a Bean
    OAuthConsumerContextFilter oauthConsumerContextFilter() {
        OAuthConsumerContextFilter filter = new OAuthConsumerContextFilter();
        filter.setConsumerSupport(this.consumerSupport());
        return filter;
    }

    // IMPORTANT: this must not be a Bean
    OAuthConsumerProcessingFilter oauthConsumerProcessingFilter() {
        OAuthConsumerProcessingFilter filter = new OAuthConsumerProcessingFilter();
        filter.setProtectedResourceDetailsService(this.prds());

        LinkedHashMap<RequestMatcher,Collection<ConfigAttribute>> map = new LinkedHashMap<>();

        // one entry per oauth:url element in xml
        map.put(
                // 1st arg is equivalent of url:pattern in xml
                // 2nd arg is equivalent of url:httpMethod in xml
                new AntPathRequestMatcher("/static/testing/**",null),// arg is equivalent of url:resources in xml
                // IMPORTANT: this must match the ids in prds() and prd() below
                Collections.singletonList(new SecurityConfig("myResource")));

        filter.setObjectDefinitionSource(new DefaultFilterInvocationSecurityMetadataSource(map));

        return filter;
    }

    @Bean // optional,I re-use it elsewhere,hence the Bean
    OAuthConsumerSupport consumerSupport() {
        CoreOAuthConsumerSupport consumerSupport = new CoreOAuthConsumerSupport();
        consumerSupport.setProtectedResourceDetailsService(prds());
        return consumerSupport;
    }

    @Bean // optional,hence the Bean
    ProtectedResourceDetailsService prds() {
        return (String id) -> {
            switch (id) {
                // this must match the id in prd() below
                case "myResource":
                    return prd();
            }
            throw new RuntimeException("Invalid id: " + id);
        };
    }

    ProtectedResourceDetails prd() {
        BaseProtectedResourceDetails details = new BaseProtectedResourceDetails();

        // this must be present and match the id in prds() and prd() above
        details.setId("myResource");

        details.setConsumerKey("<consumer key was here>");
        details.setSharedSecret(new SharedConsumerSecretImpl("<consumer secret was here>"));

        details.setRequestTokenURL("https://localhost:9443/oauth-request-token");
        details.setUserAuthorizationURL("https://localhost:9443/oauth-authorize");
        details.setAccessTokenURL("https://localhost:9443/oauth-access-token");

        // any other service-specific settings

        return details;
    }
}

最终问题 在它从生产者那里收到oauth_token和oauth_verifier之后,它似乎陷入了OAuth流程的最后一个主要步骤,并且从未提出使用访问令牌URL获取访问令牌的最终请求。有谁知道为什么此时会卡住?

是否在最后一步中将其重定向回受保护的资源(/static/testing/index.html),并且oauthConsumerProcessingFilter并未首先拦截请求并请求访问令牌?

或者是我应该将/static/testing/index.html转发给提供程序,而不是提供本地内容,并且我对OAuth流程的理解对于我用例来说是开箱即用的尝试做(真的是在访问我自己的应用程序保护的资源时,仅使用OAuth对提供者进行用户验证)?

##################### EDIT ##################### #

添加Spring日志:

这是Spring日志,显示来自Provider的初始令牌请求,以及重定向到Provider的信息,但是一旦Provider登录并重定向回回调,Spring将无法识别当前进行中的oauth进程,并使用附加到网址的oauth_token和oauth_verifier重新开始,并无限期地循环此过程,直到浏览器出现ERR_TOO_MANY_REDIRECTS失败为止。

2020-08-12T14:53:56,383 DEBUG http-nio-8080-exec-1 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html at position 2 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2020-08-12T14:53:56,383 DEBUG http-nio-8080-exec-1 o.s.s.w.c.HttpSessionSecurityContextRepository: No HttpSession currently exists
2020-08-12T14:53:56,383 DEBUG http-nio-8080-exec-1 o.s.s.w.c.HttpSessionSecurityContextRepository: No SecurityContext was available from the HttpSession: null. A new one will be created.
2020-08-12T14:53:56,385 DEBUG http-nio-8080-exec-1 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2020-08-12T14:53:56,385 DEBUG http-nio-8080-exec-1 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter'
2020-08-12T14:53:56,386 DEBUG http-nio-8080-exec-1 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html at position 5 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
2020-08-12T14:53:56,386 DEBUG http-nio-8080-exec-1 o.s.s.w.u.m.AntPathRequestMatcher: Request 'GET /static/testing/index.html' doesn't match 'POST /logout'
2020-08-12T14:53:56,386 DEBUG http-nio-8080-exec-1 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html at position 6 of 13 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2020-08-12T14:53:56,386 DEBUG http-nio-8080-exec-1 o.s.s.w.s.HttpSessionRequestCache: saved request doesn't match
2020-08-12T14:53:56,386 DEBUG http-nio-8080-exec-1 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html at position 7 of 13 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2020-08-12T14:53:56,387 DEBUG http-nio-8080-exec-1 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html at position 8 of 13 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2020-08-12T14:53:56,388 DEBUG http-nio-8080-exec-1 o.s.s.w.a.AnonymousAuthenticationFilter: Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@7bf9dbd5: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
2020-08-12T14:53:56,388 DEBUG http-nio-8080-exec-1 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html at position 9 of 13 in additional filter chain; firing Filter: 'SessionManagementFilter'
2020-08-12T14:53:56,388 DEBUG http-nio-8080-exec-1 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html at position 10 of 13 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2020-08-12T14:53:56,389 DEBUG http-nio-8080-exec-1 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html at position 11 of 13 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2020-08-12T14:53:56,389 DEBUG http-nio-8080-exec-1 o.s.s.w.u.m.AntPathRequestMatcher: Request '/static/testing/index.html' matched by universal pattern '/**'  (it matches against the /** permit All)
2020-08-12T14:53:56,389 DEBUG http-nio-8080-exec-1 o.s.s.a.i.AbstractSecurityInterceptor: Secure object: FilterInvocation: URL: /static/testing/index.html; Attributes: [permitAll]
2020-08-12T14:53:56,389 DEBUG http-nio-8080-exec-1 o.s.s.a.i.AbstractSecurityInterceptor: Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@7bf9dbd5: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS
2020-08-12T14:53:56,393 DEBUG http-nio-8080-exec-1 o.s.s.a.v.AffirmativeBased: Voter: org.springframework.security.web.access.expression.WebExpressionVoter@2987f971,returned: 1
2020-08-12T14:53:56,393 DEBUG http-nio-8080-exec-1 o.s.s.a.i.AbstractSecurityInterceptor: Authorization successful
2020-08-12T14:53:56,393 DEBUG http-nio-8080-exec-1 o.s.s.a.i.AbstractSecurityInterceptor: RunAsManager did not change Authentication object
2020-08-12T14:53:56,393 DEBUG http-nio-8080-exec-1 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html at position 12 of 13 in additional filter chain; firing Filter: 'OAuthConsumerContextFilter'
2020-08-12T14:53:56,394 DEBUG http-nio-8080-exec-1 o.s.s.o.c.f.OAuthConsumerContextFilter: Storing access tokens in request attribute 'OAUTH_ACCESS_TOKENS'.
2020-08-12T14:53:56,394 DEBUG http-nio-8080-exec-1 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html at position 13 of 13 in additional filter chain; firing Filter: 'OAuthConsumerProcessingFilter'
2020-08-12T14:53:56,394 DEBUG http-nio-8080-exec-1 o.s.s.w.u.m.AntPathRequestMatcher: Checking match of request : '/static/testing/index.html'; against '/static/testing/**' (it further matches against the OAuth resource since it is /static/testing/**)
2020-08-12T14:53:56,404 DEBUG http-nio-8080-exec-1 o.s.s.o.c.f.OAuthConsumerContextFilter: Obtaining request token for resource: myResource (Step 1a: Getting request token from JTS. The callback URL is the protected page that we requested,is that a problem? Or should a filter intercept it on the next step to take over part 3 in the process before actually requesting the resource?)
 
2020-08-12T14:53:56,548 DEBUG http-nio-8080-exec-1 o.s.s.o.c.s.HMAC_SHA1SignatureMethod: signature base: POST&https%3A%2F%2Flocalhost%3A9443%2Fjts%2Foauth-request-token&oauth_callback%3Dhttp%253A%252F%252Flocalhost%253A8080%252Fstatic%252Ftesting%252Findex.html%26oauth_consumer_key%3D14b5f4e56856464c9ba64e11a6d558cb%26oauth_nonce%3Dce7d30a7-0b11-4525-a42f-9a353868a5f2%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1597258436%26oauth_version%3D1.0
2020-08-12T14:53:56,548 DEBUG http-nio-8080-exec-1 o.s.s.o.c.s.HMAC_SHA1SignatureMethod: signature: zAri6vOmcybjeKi3W6CvTkMv5uk=
2020-08-12T14:53:56,628 DEBUG http-nio-8080-exec-1 o.s.s.o.c.f.OAuthConsumerContextFilter: Request token obtained for resource myResource: cba433cd39a34a34a80e3dbe96d593bd (Step 1b:Received the request token from JTS)
 
2020-08-12T14:53:56,629 DEBUG http-nio-8080-exec-1 o.s.s.o.c.f.OAuthConsumerContextFilter: Redirecting request to https://localhost:9443/jts/oauth-authorize?oauth_token=cba433cd39a34a34a80e3dbe96d593bd for user authorization of the request token for resource myResource. (Step 2a: redirecting user to the JTS login page for authorization)
 
2020-08-12T14:53:56,629 DEBUG http-nio-8080-exec-1 o.s.s.w.DefaultRedirectStrategy: Redirecting to 'https://localhost:9443/jts/oauth-authorize?oauth_token=cba433cd39a34a34a80e3dbe96d593bd'
2020-08-12T14:53:56,630 DEBUG http-nio-8080-exec-1 o.s.s.w.h.w.HstsHeaderWriter: Not injecting HSTS header since it did not match the requestMatcher (is this line and the next 3 a problem? Should it be storing the security context and can’t because of the http/https mismatch?)org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@3df79515
2020-08-12T14:53:56,630 DEBUG http-nio-8080-exec-1 o.s.s.w.c.HttpSessionSecurityContextRepository$SaveToSessionResponseWrapper: SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2020-08-12T14:53:56,631 DEBUG http-nio-8080-exec-1 o.s.s.w.a.ExceptionTranslationFilter: Chain processed normally
2020-08-12T14:53:56,632 DEBUG http-nio-8080-exec-1 o.s.s.w.c.SecurityContextPersistenceFilter: SecurityContextHolder now cleared,as request processing completed
2020-08-12T14:53:59,846 DEBUG http-nio-8080-exec-2 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html?  (We’ve now received the call back redirection from JTS to go back to /static/testing/index.html but with the oauth_token and oauth_verifier which would be used in the final step,sending those back to JTS to get a oauth_access token (using /jts/oauth-access-token). However,it seems it doesn’t realize it has the current OAuth flow in process,and repeats all of the above steps in an infinite loop til the browser stops the process with ERR_TOO_MANY_REDIRECTS. Is this because the SecurityContext wasn’t stored? Or another configuration issue I’m missing?). oauth_token=cba433cd39a34a34a80e3dbe96d593bd&oauth_verifier=82d017779d1547129e84b3173e7c3dca at position 1 of 13 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2020-08-12T14:53:59,846 DEBUG http-nio-8080-exec-2 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html?oauth_token=cba433cd39a34a34a80e3dbe96d593bd&oauth_verifier=82d017779d1547129e84b3173e7c3dca at position 2 of 13 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2020-08-12T14:53:59,846 DEBUG http-nio-8080-exec-2 o.s.s.w.c.HttpSessionSecurityContextRepository: No HttpSession currently exists
2020-08-12T14:53:59,847 DEBUG http-nio-8080-exec-2 o.s.s.w.c.HttpSessionSecurityContextRepository: No SecurityContext was available from the HttpSession: null. A new one will be created.
2020-08-12T14:53:59,847 DEBUG http-nio-8080-exec-2 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html?oauth_token=cba433cd39a34a34a80e3dbe96d593bd&oauth_verifier=82d017779d1547129e84b3173e7c3dca at position 3 of 13 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2020-08-12T14:53:59,847 DEBUG http-nio-8080-exec-2 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html?oauth_token=cba433cd39a34a34a80e3dbe96d593bd&oauth_verifier=82d017779d1547129e84b3173e7c3dca at position 4 of 13 in additional filter chain; firing Filter: 'CsrfFilter'
2020-08-12T14:53:59,847 DEBUG http-nio-8080-exec-2 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html?oauth_token=cba433cd39a34a34a80e3dbe96d593bd&oauth_verifier=82d017779d1547129e84b3173e7c3dca at position 5 of 13 in additional filter chain; firing Filter: 'LogoutFilter'
2020-08-12T14:53:59,847 DEBUG http-nio-8080-exec-2 o.s.s.w.u.m.AntPathRequestMatcher: Request 'GET /static/testing/index.html' doesn't match 'POST /logout'
2020-08-12T14:53:59,847 DEBUG http-nio-8080-exec-2 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html?oauth_token=cba433cd39a34a34a80e3dbe96d593bd&oauth_verifier=82d017779d1547129e84b3173e7c3dca at position 6 of 13 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2020-08-12T14:53:59,848 DEBUG http-nio-8080-exec-2 o.s.s.w.s.HttpSessionRequestCache: saved request doesn't match
2020-08-12T14:53:59,848 DEBUG http-nio-8080-exec-2 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html?oauth_token=cba433cd39a34a34a80e3dbe96d593bd&oauth_verifier=82d017779d1547129e84b3173e7c3dca at position 7 of 13 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2020-08-12T14:53:59,848 DEBUG http-nio-8080-exec-2 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html?oauth_token=cba433cd39a34a34a80e3dbe96d593bd&oauth_verifier=82d017779d1547129e84b3173e7c3dca at position 8 of 13 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2020-08-12T14:53:59,848 DEBUG http-nio-8080-exec-2 o.s.s.w.a.AnonymousAuthenticationFilter: Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@7bf9dbd5: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
2020-08-12T14:53:59,848 DEBUG http-nio-8080-exec-2 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html?oauth_token=cba433cd39a34a34a80e3dbe96d593bd&oauth_verifier=82d017779d1547129e84b3173e7c3dca at position 9 of 13 in additional filter chain; firing Filter: 'SessionManagementFilter'
2020-08-12T14:53:59,849 DEBUG http-nio-8080-exec-2 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html?oauth_token=cba433cd39a34a34a80e3dbe96d593bd&oauth_verifier=82d017779d1547129e84b3173e7c3dca at position 10 of 13 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2020-08-12T14:53:59,849 DEBUG http-nio-8080-exec-2 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html?oauth_token=cba433cd39a34a34a80e3dbe96d593bd&oauth_verifier=82d017779d1547129e84b3173e7c3dca at position 11 of 13 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2020-08-12T14:53:59,849 DEBUG http-nio-8080-exec-2 o.s.s.w.u.m.AntPathRequestMatcher: Request '/static/testing/index.html' matched by universal pattern '/**'
2020-08-12T14:53:59,849 DEBUG http-nio-8080-exec-2 o.s.s.a.i.AbstractSecurityInterceptor: Secure object: FilterInvocation: URL: /static/testing/index.html?oauth_token=cba433cd39a34a34a80e3dbe96d593bd&oauth_verifier=82d017779d1547129e84b3173e7c3dca; Attributes: [permitAll]
2020-08-12T14:53:59,849 DEBUG http-nio-8080-exec-2 o.s.s.a.i.AbstractSecurityInterceptor: Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@7bf9dbd5: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS
2020-08-12T14:53:59,850 DEBUG http-nio-8080-exec-2 o.s.s.a.v.AffirmativeBased: Voter: org.springframework.security.web.access.expression.WebExpressionVoter@2987f971,returned: 1
2020-08-12T14:53:59,850 DEBUG http-nio-8080-exec-2 o.s.s.a.i.AbstractSecurityInterceptor: Authorization successful
2020-08-12T14:53:59,850 DEBUG http-nio-8080-exec-2 o.s.s.a.i.AbstractSecurityInterceptor: RunAsManager did not change Authentication object
2020-08-12T14:53:59,850 DEBUG http-nio-8080-exec-2 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html?oauth_token=cba433cd39a34a34a80e3dbe96d593bd&oauth_verifier=82d017779d1547129e84b3173e7c3dca at position 12 of 13 in additional filter chain; firing Filter: 'OAuthConsumerContextFilter'
2020-08-12T14:53:59,851 DEBUG http-nio-8080-exec-2 o.s.s.o.c.f.OAuthConsumerContextFilter: Storing access tokens in request attribute 'OAUTH_ACCESS_TOKENS'.
2020-08-12T14:53:59,851 DEBUG http-nio-8080-exec-2 o.s.s.w.FilterChainProxy$VirtualFilterChain: /static/testing/index.html?oauth_token=cba433cd39a34a34a80e3dbe96d593bd&oauth_verifier=82d017779d1547129e84b3173e7c3dca at position 13 of 13 in additional filter chain; firing Filter: 'OAuthConsumerProcessingFilter'
2020-08-12T14:53:59,851 DEBUG http-nio-8080-exec-2 o.s.s.w.u.m.AntPathRequestMatcher: Checking match of request : '/static/testing/index.html'; against '/static/testing/**'
2020-08-12T14:53:59,852 DEBUG http-nio-8080-exec-2 o.s.s.o.c.f.OAuthConsumerContextFilter: Obtaining request token for resource: myResource
2020-08-12T14:53:59,853 DEBUG http-nio-8080-exec-2 o.s.s.o.c.s.HMAC_SHA1SignatureMethod: signature base: POST&https%3A%2F%2Flocalhost%3A9443%2Fjts%2Foauth-request-token&oauth_callback%3Dhttp%253A%252F%252Flocalhost%253A8080%252Fstatic%252Ftesting%252Findex.html%253Foauth_token%253Dcba433cd39a34a34a80e3dbe96d593bd%2526oauth_verifier%253D82d017779d1547129e84b3173e7c3dca%26oauth_consumer_key%3D14b5f4e56856464c9ba64e11a6d558cb%26oauth_nonce%3D08415a86-c1b8-4bcf-9379-961afddd6f3e%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1597258439%26oauth_version%3D1.0
2020-08-12T14:53:59,853 DEBUG http-nio-8080-exec-2 o.s.s.o.c.s.HMAC_SHA1SignatureMethod: signature: x/yPyZhL1RS8RqDOpqnpBwjG57I=
2020-08-12T14:53:59,856 DEBUG http-nio-8080-exec-2 o.s.s.o.c.f.OAuthConsumerContextFilter: Request token obtained for resource myResource: c97af51ba3554c24a8a00642ca84d950
2020-08-12T14:53:59,856 DEBUG http-nio-8080-exec-2 o.s.s.o.c.f.OAuthConsumerContextFilter: Redirecting request to https://localhost:9443/jts/oauth-authorize?oauth_token=c97af51ba3554c24a8a00642ca84d950 for user authorization of the request token for resource myResource.
2020-08-12T14:53:59,856 DEBUG http-nio-8080-exec-2 o.s.s.w.DefaultRedirectStrategy: Redirecting to 'https://localhost:9443/jts/oauth-authorize?oauth_token=c97af51ba3554c24a8a00642ca84d950'
2020-08-12T14:53:59,857 DEBUG http-nio-8080-exec-2 o.s.s.w.h.w.HstsHeaderWriter: Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@3df79515
2020-08-12T14:53:59,857 DEBUG http-nio-8080-exec-2 o.s.s.w.c.HttpSessionSecurityContextRepository$SaveToSessionResponseWrapper: SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2020-08-12T14:53:59,857 DEBUG http-nio-8080-exec-2 o.s.s.w.a.ExceptionTranslationFilter: Chain processed normally
2020-08-12T14:53:59,858 DEBUG http-nio-8080-exec-2 o.s.s.w.c.SecurityContextPersistenceFilter: SecurityContextHolder now cleared,as request processing completed```

解决方法

不确定错误是什么,但是一旦将Provider移到它自己的主机,域和正确的SSL设置后,它便开始正常工作。 (以前两者都在本地主机上,并且提供程序具有无效的SSL证书,但我已将其导入到JRE中。)

感谢@jzheaux!

版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。

相关推荐

导入项目后报错问题
依赖报错 idea导入项目后依赖报错,解决方案:https://blog.csdn.net/weixin_42420249/article/details/81191861 依赖版本报错:更换其他版本 无法下载依赖可参考:https://blog.csdn.net/weixin_42628809/a
idea不能识别yaml文件
使用mybatis plus常见错误
错误1:代码生成器依赖和mybatis依赖冲突 启动项目时报错如下 2021-12-03 13:33:33.927 ERROR 7228 [ main] o.s.b.d.LoggingFailureAnalysisReporter : *************************** APPL
gradle常见问题与错误
错误1:gradle项目控制台输出为乱码 # 解决方案:https://blog.csdn.net/weixin_43501566/article/details/112482302 # 在gradle-wrapper.properties 添加以下内容 org.gradle.jvmargs=-Df
Mybatis Plus传入参数0不起作用
错误还原:在查询的过程中,传入的workType为0时,该条件不起作用 &lt;select id=&quot;xxx&quot;&gt; SELECT di.id, di.name, di.work_type, di.updated... &lt;where&gt; &lt;if test=&qu
linux中make编译源码包失败
报错如下,gcc版本太低 ^ server.c:5346:31: 错误:‘struct redisServer’没有名为‘server_cpulist’的成员 redisSetCpuAffinity(server.server_cpulist); ^ server.c: 在函数‘hasActiveC
微服务启动错误:Command line is too long. Shorten command line for
解决方案1 1、改项目中.idea/workspace.xml配置文件,增加dynamic.classpath参数 2、搜索PropertiesComponent,添加如下 &lt;property name=&quot;dynamic.classpath&quot; value=&quot;tru
vue常见错误
删除根组件app.vue中的默认代码后报错:Module Error (from ./node_modules/eslint-loader/index.js): 解决方案:关闭ESlint代码检测,在项目根目录创建vue.config.js,在文件中添加 module.exports = { lin
spark常见错误
查看spark默认的python版本 [root@master day27]# pyspark /home/software/spark-2.3.4-bin-hadoop2.7/conf/spark-env.sh: line 2: /usr/local/hadoop/bin/hadoop: No s
matplotlib报错:AttributeError: module 'backend_interagg' has no attribute 'FigureCanvas'. Did you mean: 'FigureCanvasAgg'?
使用本地python环境可以成功执行 import pandas as pd import matplotlib.pyplot as plt # 设置字体 plt.rcParams[&#39;font.sans-serif&#39;] = [&#39;SimHei&#39;] # 能正确显示负号 p
gitlab登录失败,报错:This challenge page was accidentally cached by an intermediary and is no longer available.
设置时间 控制面板
后端开发常见错误
错误1:Request method ‘DELETE‘ not supported 错误还原:controller层有一个接口,访问该接口时报错:Request method ‘DELETE‘ not supported 错误原因:没有接收到前端传入的参数,修改为如下 参考 错误2:cannot r
docker常见错误
错误1:启动docker镜像时报错:Error response from daemon: driver failed programming external connectivity on endpoint quirky_allen 解决方法:重启docker -&gt; systemctl r
idea常见错误
错误1:private field ‘xxx‘ is never assigned 按Altʾnter快捷键,选择第2项 参考:https://blog.csdn.net/shi_hong_fei_hei/article/details/88814070 错误2:启动时报错,不能找到主启动类 #
pip安装依赖失败
报错如下,通过源不能下载,最后警告pip需升级版本 Requirement already satisfied: pip in c:\users\ychen\appdata\local\programs\python\python310\lib\site-packages (22.0.4) Coll
maven常见错误
错误1:maven打包报错 错误还原:使用maven打包项目时报错如下 [ERROR] Failed to execute goal org.apache.maven.plugins:maven-resources-plugin:3.2.0:resources (default-resources)
cloud项目中常见错误
错误1:服务调用时报错 服务消费者模块assess通过openFeign调用服务提供者模块hires 如下为服务提供者模块hires的控制层接口 @RestController @RequestMapping(&quot;/hires&quot;) public class FeignControl
springboot常见错误
错误1:运行项目后报如下错误 解决方案 报错2:Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.8.1:compile (default-compile) on project sb 解决方案:在pom.
springmvc拦截器中使用redisTemplate报空指针异常
参考 错误原因 过滤器或拦截器在生效时,redisTemplate还没有注入 解决方案:在注入容器时就生效 @Component //项目运行时就注入Spring容器 public class RedisBean { @Resource private RedisTemplate&lt;String
vite报错:npm ERR! command C:WINDOWSsystem32cmd.exe /d /s /c C:UsersychenAppDataLocalTempnpx-dde1c848.cmd
使用vite构建项目报错 C:\Users\ychen\work&gt;npm init @vitejs/app @vitejs/create-app is deprecated, use npm init vite instead C:\Users\ychen\AppData\Local\npm-
pythonJavaScriptjavaHTMLPHPreactjsC#AndroidCSSNode.jssqlrpython-3.xMysqLjQueryc++pandasFlutterangularIOSdjangolinuxswifttypescript路由器JSON路由器设置无线路由器h3c华三华三路由器设置华三路由器电脑软件教程arraysdocker软件图文教程Cvue.jslaravelspring-boot