我试图在我的应用程序中使用Google应用程序引擎获取spring security oauth2设置.一切似乎在本地工作正常,但当我部署到应用程序引擎时,事情开始崩溃.我通过谷歌进行身份验证后,将其转发给Whitelabel错误页面.在控制台中我看到这个错误:
http://my-application.appspot.com/login?state=t…m&session_state=8b67f5df659a8324430803973b9e1726e39fd454..1ae3&prompt=none 401 (Unauthorized)
我用这个application.yml文件设置我的auth:
security:
oauth2:
client:
clientId: client-key
clientSecret: secret-key
accessTokenUri: https://www.googleapis.com/oauth2/v4/token
userAuthorizationUri: https://accounts.google.com/o/oauth2/v2/auth
clientAuthenticationScheme: form
scope:
- openid
- email
- profile
- https://www.googleapis.com/auth/cloud-platform
resource:
userInfoUri: https://www.googleapis.com/oauth2/v3/userinfo
preferTokenInfo: true
我的安全配置看起来像这样:
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.and()
.authorizeRequests()
.antMatchers("/static/**").permitAll()
.antMatchers("/**").hasAuthority("ROLE_ADMIN")
.anyRequest().authenticated()
.and()
.exceptionHandling()
.accessDeniedPage("/403");
}
我在google凭据页面上配置了Oauth ID,以允许授权的javascript来源:
http://my-application.appspot.com https://my-application.appspot.com http://localhost:8080
并且授权的重定向URI为:
http://my-application.appspot.com/login https://my-application.appspot.com/login http://localhost:8080/login
我部署到GAE后,为什么我可能会收到未经授权的错误?
谢谢,
克雷格
京公网安备 11010802040832号 | 京ICP备19059560号-6 