Spring API gateway doesn't redirect me to spring-cloud-gateway-client URL provided by Keycloak

Posted: 2021-11-29 17:06:15

Question:

I am following a tutorial on YouTube, using Keycloak as the identity provider, Spring Cloud Gateway as the API gateway, and multiple microservices. My problem is that Spring gateway redirects my http://localhost:8090/api/product URL to http://localhost:8090/login instead of the http://localhost:8090/login/oauth2/code/spring-cloud-gateway-client URL that I set in the Keycloak server.

api-gateway-service pom file

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.5.5</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>
    <groupId>com.example</groupId>
    <artifactId>api-gateway-service</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <name>api-gateway-service</name>
    <description>Demo project for Spring Boot</description>
    <properties>
        <java.version>11</java.version>
        <spring-cloud.version>2020.0.4</spring-cloud.version>
    </properties>
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-oauth2-client</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-gateway</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
    </dependencies>
    <dependencyManagement>
        <dependencies>
            <dependency>
                <groupId>org.springframework.cloud</groupId>
                <artifactId>spring-cloud-dependencies</artifactId>
                <version>${spring-cloud.version}</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
        </dependencies>
    </dependencyManagement>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
        </plugins>
    </build>

</project>

api-gateway-service properties file

server.port=8090
spring.application.name=api-gateway

spring.cloud.gateway.discovery.locator.enabled=true


spring.cloud.gateway.discovery.locator.lower-case-service-id=true

spring.cloud.gateway.routes[0].id=product-service
spring.cloud.gateway.routes[0].uri=lb://product-service
spring.cloud.gateway.routes[0].predicates[0]=Path=/api/product

eureka.instance.instance-id=${spring.application.name}-${random.uuid}
spring.security.user.name=aaa
spring.security.user.password=aaa
spring.main.allow-bean-definition-overriding=true

#keycloak configuration
spring.security.oauth2.client.provider.keycloak.issuer-uri=http://localhost:8180/auth/realms/microservices-realm
spring.security.oauth2.client.registration.spring-cloud-gateway-client.client-id=spring-cloud-gateway-client
spring.security.oauth2.client.registration.spring-cloud-gateway-client.client-secret=fe7a2722-2c96-45d7-a9e4-6ee9da224a43
spring.security.oauth2.client.registration.spring-cloud-gateway-client.provider=keycloak
spring.security.oauth2.client.registration.spring-cloud-gateway-client.authorization-grant-type=authorization-code
spring.security.oauth2.client.registration.spring-cloud-gateway-client.redirect-uri=http://localhost:8090/login/oauth2/code/spring-cloud-gateway-client

spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://localhost:8180/auth/realms/microservices-realm/protocol/openid-connect/certs

api-gateway-service security configuration

package com.example.apigatewayservice;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain;

@Configuration
@EnableWebFluxSecurity
public class SecurityConfig {

    @Bean
    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
        // Require authentication for every exchange and log in through the OAuth2 client
        http.authorizeExchange(exchanges -> exchanges.anyExchange().authenticated())
                .oauth2Login(Customizer.withDefaults());

        http.csrf().disable();

        return http.build();
    }
}

ApiGatewayServiceApplication

nothing special just main method

[Image: Keycloak client info]

Answer 1:

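Never mind. In the properties file, for this field: spring.security.oauth2.client.registration.spring-cloud-gateway-client.authorization-grant-type=authorization-code

I wrote authorization-code instead of authorization_code.

What a silly mistake, it cost me 1 hour.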
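
The slip described in this answer can be caught before the gateway starts. As an added example (not part of the original post), the linter below scans a properties file for `authorization-grant-type` values that are not one of the RFC 6749 grant type identifiers; the function name `lint_grant_types` and the sample text are constructed for illustration, and plain `key=value` lines are assumed.

```python
import re

# Grant type identifiers defined by RFC 6749 (underscores, not hyphens).
# Assumption: extension grants your deployment uses would be added here.
VALID_GRANT_TYPES = {"authorization_code", "client_credentials",
                     "password", "refresh_token"}

KEY_RE = re.compile(
    r"^spring\.security\.oauth2\.client\.registration\."
    r"(?P<reg>[^.]+)\.authorization-grant-type$"
)


def lint_grant_types(properties_text):
    """Return (line_no, registration_id, value, suggestion) per bad value."""
    findings = []
    for line_no, raw in enumerate(properties_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith(("#", "!")):
            continue  # blank line or comment
        key, sep, value = line.partition("=")
        match = KEY_RE.match(key.strip()) if sep else None
        if not match:
            continue
        value = value.strip()
        if value in VALID_GRANT_TYPES:
            continue
        # Most common slip: kebab-case or wrong case, as in the question.
        candidate = value.lower().replace("-", "_")
        suggestion = candidate if candidate in VALID_GRANT_TYPES else None
        findings.append((line_no, match.group("reg"), value, suggestion))
    return findings


# Constructed sample: two lines from the question plus one correct registration.
SAMPLE = """\
#keycloak configuration
spring.security.oauth2.client.registration.spring-cloud-gateway-client.client-id=spring-cloud-gateway-client
spring.security.oauth2.client.registration.spring-cloud-gateway-client.authorization-grant-type=authorization-code
spring.security.oauth2.client.registration.other-client.authorization-grant-type=client_credentials
"""

if __name__ == "__main__":
    for line_no, reg, value, fix in lint_grant_types(SAMPLE):
        hint = f", did you mean '{fix}'?" if fix else ""
        print(f"line {line_no}: registration '{reg}' has grant type '{value}'{hint}")
```

Run against the real application.properties in CI, a non-empty result is a reason to fail the build.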
