OpenID连接认证请求受限

我面临的问题配置OAuth2登录为我的应用https://github.com/Cruelkid/guitar-cloud/tree/develop

2023-04-02T11:52:28.856+03:00 DEBUG 3866 --- [nio-9000-exec-2] org.apache.tomcat.util.http.Parameters   : Start processing with input [response_type=code&client_id=guitar-cloud-client&scope=openid&state=P3j3mwpUvm1UR_tVYjWelCDGauVZxf4ZOOcUyFVSc00%3D&redirect_uri=http://127.0.0.1:8080/login/oauth2/code/guitar-cloud-client-oidc&nonce=D-qBrlre2P-il99B1HW8ejFWfMR1fQHB2QG7WRHydNc]
2023-04-02T11:52:28.857+03:00 DEBUG 3866 --- [nio-9000-exec-2] .s.a.DefaultAuthenticationEventPublisher : No event was found for the exception org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationException
2023-04-02T11:52:28.857+03:00 DEBUG 3866 --- [nio-9000-exec-2] o.s.s.web.DefaultRedirectStrategy        : Redirecting to `http://127.0.0.1:8080/login/oauth2/code/guitar-cloud-client-oidc?error=invalid_scope&error_description=OpenID%20Connect%201.0%20authentication%20requests%20are%20restricted.&error_uri=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fhtml%2Frfc6749%23section-4.1.2.1&state=P3j3mwpUvm1UR_tVYjWelCDGauVZxf4ZOOcUyFVSc00%3D`

在结束这样的代码之前，我面临着类似的问题，但有一个认证服务器，但我已经发现这与默认禁用OIDC 1.0有关，但该错误是通过添加这段代码修复的:

http.getConfigurer(OAuth2AuthorizationServerConfigurer.class)
.oidc(Customizer.withDefaults());

不幸的是，对于api客户端，我还没有找到一种方法来做类似的事情

@Configuration(proxyBeanMethods = false)
public class MyAuthorizationServerConfig {
@Bean
@Order(Ordered.HIGHEST_PRECEDENCE)
public SecurityFilterChain authorizationServerSecurityFilterChain(
HttpSecurity http, RegisteredClientRepository registeredClientRepository,
AuthorizationServerSettings authorizationServerSettings) throws Exception {
OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http);
http
.exceptionHandling((exceptions) -> exceptions
.defaultAuthenticationEntryPointFor(
new LoginUrlAuthenticationEntryPoint("/login"),
new MediaTypeRequestMatcher(MediaType.TEXT_HTML)
)
)
.oauth2ResourceServer(oauth2ResourceServer ->
oauth2ResourceServer.jwt(Customizer.withDefaults()));

http.getConfigurer(OAuth2AuthorizationServerConfigurer.class)
.oidc(Customizer.withDefaults());
return http.build();
}
}

相关内容

最新更新

热门标签：