嗨,我现在正在使用Angluar + Spring Boot来构建一个网络,我正在使用okta单页应用程序进行身份验证。在我的前端,我可以登录并重定向回来,当我调用后端 API 时,我还会在标头中添加Authorization: Bearer {Token}。
所以问题是当我安装 okta-spring-boot-starter(1.4.0( 时,我会得到错误:
Bearer error="invalid_token", error_description="An error occurred while attempting to decode the Jwt: Invalid token", error_uri="https://tools.ietf.org/html/rfc6750#section-3.1"
我想这可能是因为我没有设置 okta 配置。 然后我在 application.yml 文件中添加 okta 属性:
spring:
profiles:
active: "dev"
main:
banner-mode: "off"
okta.oauth2:
client-id: 0oaebbeiaBCbFFtDU4x6
issuer: https://dev-574831.okta.com
audience: https://dev-574831.okta.com
并通过参考以下内容来使用网络安全配置器适配器: https://github.com/okta/samples-java-spring/blob/master/resource-server/src/main/java/com/okta/spring/example/ResourceServerExampleApplication.java
import com.okta.spring.boot.oauth.Okta;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
@EnableWebSecurity
public class OktaOAuth2WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/userinfo").permitAll()
.antMatchers("/health").permitAll()
.anyRequest().authenticated()
.and()
.oauth2ResourceServer().jwt();
http.cors();
Okta.configureResourceServer401ResponseBody(http);
}
}
我仍然得到同样的错误。
那么我错过了什么吗?? 还是我的项目无法识别 okta 配置?
试试这个:
okta:
oauth2:
client-id: 0oaebbeiaBCbFFtDU4x6
issuer: https://dev-574831.okta.com/oauth2/default