Spring Boot 26 -- URI 和 URL、URN 的区别

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Spring Boot 26 -- URI 和 URL、URN 的区别相关的知识,希望对你有一定的参考价值。

参考技术A uniform resource identifier,统一资源标识符,用来唯一的标识一个资源。

uniform resource locator,统一资源定位器,它是一种具体的URI,即URL可以用来标识一个资源,而且还指明了如何locate这个资源。

uniform resource name,统一资源命名,是通过名字来标识资源,比如 mailto:java-net@java.sun.com 。

Spring Boot + Oauth 2单点登录ridirect uri错误行为

我需要使用Spring Boot(2.1.9.RELEASE)和OAuth2实现Single Sign-On应用程序。我还创建了两个客户端应用程序和身份验证服务器。当我点击客户端应用程序URL时,它成功重定向到身份验证服务器并验证用户名和密码。但是,当它重定向回到客户端应用程序时,始终会出现以下oauth错误。

error="invalid_grant", error_description="Invalid redirect: http://localhost:8082/app1/login does not match one of the registered values: [http://localhost:8082/app1]"

这里,我注意到总是总是将/ login路径自动附加到重定向uri的末尾。也许这是Spring Boot SSO的默认行为。我尝试了许多方法来解决此错误,但无法解决。谁能帮我。

我已经关注了示例项目sample project

步骤

  1. 命中客户端应用程序网址(http://localhost:8082/app1
  2. 成功重定向到身份验证服务器(http://localhost:8081/auth/login
  3. 输入用户名和密码并验证
  4. 带有错误的重定向URLhttp://localhost:8081/auth/oauth/authorize?client_id=foo&redirect_uri=http://localhost:8082/app1/login&response_type=code&state=03W7yX

认证服务器

POM文件

<properties>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
        <java.version>11</java.version>
        <spring-cloud.version>Finchley.SR1</spring-cloud.version>
    </properties>

    <dependencies>

        <dependency>
            <groupId>org.springframework.security.oauth.boot</groupId>
            <artifactId>spring-security-oauth2-autoconfigure</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>

        <dependency>
            <groupId>jakarta.xml.bind</groupId>
            <artifactId>jakarta.xml.bind-api</artifactId>
            <version>2.3.2</version>
        </dependency>

        <dependency>
            <groupId>javax.xml.bind</groupId>
            <artifactId>jaxb-api</artifactId>
            <version>2.3.1</version>
        </dependency>

        <dependency>
            <groupId>org.glassfish.jaxb</groupId>
            <artifactId>jaxb-runtime</artifactId>
            <version>2.3.0-b170127.1453</version>
        </dependency>
    </dependencies>

    <dependencyManagement>
        <dependencies>
            <dependency>
                <groupId>org.springframework.cloud</groupId>
                <artifactId>spring-cloud-dependencies</artifactId>
                <version>$spring-cloud.version</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
        </dependencies>
    </dependencyManagement>

Main Class

@SpringBootApplication
@EnableResourceServer
public class TestProjectApplication 

    public static void main(String[] args) 
        SpringApplication.run(TestProjectApplication.class, args);
    

安全配置类

@Configuration
@Order(1)
public class SecurityConfig extends WebSecurityConfigurerAdapter 

    @Override
    protected void configure(HttpSecurity http) throws Exception 
        http.requestMatchers()
                .antMatchers("/login", "/oauth/authorize")
                .and()
                .authorizeRequests()
                .anyRequest().authenticated()
                .and()
                .formLogin().permitAll();
    

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception 
        auth.inMemoryAuthentication()
                .withUser("john")
                .password(passwordEncoder().encode("123"))
                .roles("USER");
    

    @Bean
    public BCryptPasswordEncoder passwordEncoder() 
        return new BCryptPasswordEncoder();
    

客户端应用程序

POM文件

<properties>
        <java.version>11</java.version>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
        <spring-cloud.version>Finchley.SR1</spring-cloud.version>
    </properties>

    <dependencies>
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-oauth2</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-thymeleaf</artifactId>
        </dependency>
        <dependency>
            <groupId>org.thymeleaf.extras</groupId>
            <artifactId>thymeleaf-extras-springsecurity5</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>

    </dependencies>

    <dependencyManagement>
        <dependencies>
            <dependency>
                <groupId>org.springframework.cloud</groupId>
                <artifactId>spring-cloud-dependencies</artifactId>
                <version>$spring-cloud.version</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
        </dependencies>
    </dependencyManagement>

Main Class

@SpringBootApplication
@EnableOAuth2Sso
public class App1Application implements WebMvcConfigurer 

    @Override
    public void addViewControllers(ViewControllerRegistry registry) 
        registry.addViewController("/").setViewName("index");
    

    public static void main(String[] args) 
        SpringApplication.run(App1Application.class, args);
    


Application.yml

server:
  port: 8082
  servlet:
    context-path: /app1
spring:
  main:
    allow-bean-definition-overriding: true
security:
  basic:
    enabled: false
  oauth2:
    client:
      clientId: foo
      clientSecret: bar
      accessTokenUri: http://localhost:8081/auth/oauth/token
      userAuthorizationUri: http://localhost:8081/auth/oauth/authorize
    resource:
      userInfoUri: http://localhost:8080/auth/user/me
答案

最后可以找到答案。问题是春季启动版本。我已将Spring Boot版本更改为2.1.3.RELEASE。现在它正在按预期工作。但是仍然不知道为什么它不能在最新的春季启动版本中工作。

以上是关于Spring Boot 26 -- URI 和 URL、URN 的区别的主要内容,如果未能解决你的问题,请参考以下文章

Spring Boot + Oauth 2单点登录ridirect uri错误行为

如何在Spring Boot中获取真实的uri地址?

Spring Boot OAuth2 资源服务器 - 调用 user-info-uri 或 token-info-uri 时出错

Spring Boot 安全性的基本 URI

spring boot RESTfuldemo测试类

如何使用 Spring Boot 在 Keycloak 中设置 redirect_uri