春季启动2.0.0.M4的OAuth2令牌端点抛出org.springframework.web.HttpRequestMethodNotSupportedException
我试图从迁移春季启动1.5.7
到2.0.0.M4
春季启动2.0.0.M4的OAuth2令牌端点抛出org.springframework.web.HttpRequestMethodNotSupportedException
现在我无法正确地重新配置我的OAuth2 +智威汤逊在春季启动配置2.0.0.M4
在启动过程中,我发现下面的错误日志中/oauth/token
端点(throws org.springframework.web.HttpRequestMethodNotSupportedException
):
2017-10-04 09:52:46.841 INFO 11780 --- [ main] .s.o.p.e.FrameworkEndpointHandlerMapping : Mapped "{[/oauth/authorize],methods=[POST],params=[user_oauth_approval]}" onto public org.springframework.web.servlet.View org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint.approveOrDeny(java.util.Map<java.lang.String, java.lang.String>,java.util.Map<java.lang.String, ?>,org.springframework.web.bind.support.SessionStatus,java.security.Principal)
2017-10-04 09:52:46.842 INFO 11780 --- [ main] .s.o.p.e.FrameworkEndpointHandlerMapping : Mapped "{[/oauth/authorize]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint.authorize(java.util.Map<java.lang.String, java.lang.Object>,java.util.Map<java.lang.String, java.lang.String>,org.springframework.web.bind.support.SessionStatus,java.security.Principal)
2017-10-04 09:52:46.843 INFO 11780 --- [ main] .s.o.p.e.FrameworkEndpointHandlerMapping : Mapped "{[/oauth/token],methods=[GET]}" onto public org.springframework.http.ResponseEntity<org.springframework.security.oauth2.common.OAuth2AccessToken> org.springframework.security.oauth2.provider.endpoint.TokenEndpoint.getAccessToken(java.security.Principal,java.util.Map<java.lang.String, java.lang.String>) throws org.springframework.web.HttpRequestMethodNotSupportedException
2017-10-04 09:52:46.844 INFO 11780 --- [ main] .s.o.p.e.FrameworkEndpointHandlerMapping : Mapped "{[/oauth/token],methods=[POST]}" onto public org.springframework.http.ResponseEntity<org.springframework.security.oauth2.common.OAuth2AccessToken> org.springframework.security.oauth2.provider.endpoint.TokenEndpoint.postAccessToken(java.security.Principal,java.util.Map<java.lang.String, java.lang.String>) throws org.springframework.web.HttpRequestMethodNotSupportedException
2017-10-04 09:52:46.845 INFO 11780 --- [ main] .s.o.p.e.FrameworkEndpointHandlerMapping : Mapped "{[/oauth/check_token]}" onto public java.util.Map<java.lang.String, ?> org.springframework.security.oauth2.provider.endpoint.CheckTokenEndpoint.checkToken(java.lang.String)
2017-10-04 09:52:46.845 INFO 11780 --- [ main] .s.o.p.e.FrameworkEndpointHandlerMapping : Mapped "{[/oauth/confirm_access]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.security.oauth2.provider.endpoint.WhitelabelApprovalEndpoint.getAccessConfirmation(java.util.Map<java.lang.String, java.lang.Object>,javax.servlet.http.HttpServletRequest) throws java.lang.Exception
2017-10-04 09:52:46.846 INFO 11780 --- [ main] .s.o.p.e.FrameworkEndpointHandlerMapping : Mapped "{[/oauth/error]}" onto public org.springframework.web.servlet.ModelAndView org.springframework.security.oauth2.provider.endpoint.WhitelabelErrorEndpoint.handleError(javax.servlet.http.HttpServletRequest)
2017-10-04 09:52:46.848 INFO 11780 --- [ main] .s.o.p.e.FrameworkEndpointHandlerMapping : Mapped "{[/oauth/token_key],methods=[GET]}" onto public java.util.Map<java.lang.String, java.lang.String> org.springframework.security.oauth2.provider.endpoint.TokenKeyEndpoint.getKey(java.security.Principal)
我n阶重现这个问题,我HVE创建GitHub的项目 - https://github.com/Artgit/spring-boot-2.0.0.M4-oauth2-token-issue/tree/master/api
我为了制作这个问题,请尝试执行com.decisionwanted.domain.api.decision.DecisionControllerIT.testCreateDecision()
测试
我在代码和pom.xml的混乱表示歉意。我已经从多模块Maven应用程序编译此测试项目用于测试目的。
请帮我解决我的CONFIGS为了能够工作,春季启动2.0.0.M4
修订
调试时,我发现server.contextPath: /api
从application.properties
不考虑。现在我需要使用/oauth/token
(而不是像我用Spring Boot 1.5.7那样的/api/oauth/token
)来获取令牌。这可能是什么原因以及如何解决这个问题?
我找到了问题的原因 - 根据下列文件https://docs.spring.io/spring-boot/docs/current-SNAPSHOT/reference/htmlsingle/同春启动2 *下列财产应以定义应用程序的上下文路径中:
server.servlet.context-path= /api
请注意,春天引导1.5。*财产
server.contextPath: /api
是不考虑
很遗憾,您的应用程序的过大,在合理数量的理解所以我无法准确诊断问题。但是,我可以通过为org.springframework.security启用调试日志记录来运行它,并观察对“/ api/oauth/token”的请求由于无效的CSRF令牌而被拒绝。也许这有助于你指出正确的方向? –
@AndyWilkinson,谢谢你的回答。在调试时,我发现'application.properties'中的'server.contextPath:/ api'没有考虑到。现在我需要使用'/ oauth/token'(而不是'''/ api/oauth/token',就像我在Spring Boot 1.5.7中使用的一样)来获取令牌。这可能是什么原因? – alexanoid