11

curl でこのコマンドを実行して、oauth2 サーバーからコードを要求しようとしました

 curl -X POST -k -vu clientapp:123456 http://localhost:8080/oauth/token -H "Accept: application/json" -d "grant_type=authorization_code&scope=read%20write&client_secret=123456&client_id=clientapp&code=appcode&redirect_uri=localhost:3000"

応答は

* Adding handle: conn: 0x608860
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x608860) send_pipe: 1, recv_pipe: 0
* About to connect() to localhost port 8080 (#0)
*   Trying ::1...
* Connected to localhost (::1) port 8080 (#0)
* Server auth using Basic with user 'clientapp'
> POST /oauth/token HTTP/1.1
> Authorization: Basic Y2xpZW50YXBwOjEyMzQ1Ng==
> User-Agent: curl/7.30.0
> Host: localhost:8080
> Accept: application/json
> Content-Length: 131
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 131 out of 131 bytes
< HTTP/1.1 400 Bad Request
< Date: Mon, 16 May 2016 01:02:09 GMT
< Access-Control-Allow-Credentials: true
< Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT,DELETE
< Access-Control-Max-Age: 3600
< Access-Control-Allow-Headers: Authorization,Content-Disposition,Content-Description,Content-Type,Accept, X-Requested-With, remember-me
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: 0
< X-Frame-Options: DENY
< Cache-Control: no-store
< Pragma: no-cache
< Content-Type: application/json;charset=UTF-8
< Transfer-Encoding: chunked
* Server Jetty(9.2.14.v20151106) is not blacklisted
< Server: Jetty(9.2.14.v20151106)
<
{"error":"invalid_grant","error_description":"Invalid authorization code: appcode"}*

ログを確認すると、このエラーが発生しました。

2016-05-16 09:26:43.826  INFO 9688 --- [tp1276746636-47] o.s.s.o.provider.endpoint.TokenEndpoint  : Handling error: NullPointerException, null

私の構成の要点

@Configuration
@EnableAuthorizationServer
protected static class AuthorizationServerConfiguration extends
        AuthorizationServerConfigurerAdapter {

    @Value("${client.secret}")
    private String clientSecret;

    @Value("${client}")
    private String clientId;

    @Autowired
    private TokenStore tokenStore;

    @Autowired
    private JdbcAuthorizationCodeServices jdbcAuthorizationCodeServices;

    /**
     * By default,
     * it uses the JDBCUserDetails, we exposed our own authentication manager bean
     */
    @Autowired
    @Qualifier("authenticationManagerBean")
    private AuthenticationManager authenticationManager;

    @Autowired
    private UserDetailsService userDetailsService;

    @Autowired
    private JdbcClientDetailsService jdbcClientDetailsService;

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints)
            throws Exception {
        endpoints
                .tokenStore(this.tokenStore)
                .authenticationManager(this.authenticationManager)
                .authorizationCodeServices(this.jdbcAuthorizationCodeServices).userApprovalHandler(new DefaultUserApprovalHandler());
    }

    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        security.allowFormAuthenticationForClients();
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.withClientDetails(jdbcClientDetailsService);
                /*.inMemory()
                .withClient(clientId)
                .authorizedGrantTypes("password", "refresh_token")
                .authorities("USER")
                .scopes("read", "write")
                .resourceIds(RESOURCE_ID)
                .secret(clientSecret);*/
    }

    @Bean
    @Primary
    public DefaultTokenServices tokenServices() {
        DefaultTokenServices tokenServices = new DefaultTokenServices();
        tokenServices.setSupportRefreshToken(true);
        tokenServices.setTokenStore(this.tokenStore);
        return tokenServices;
    }
}
4

1 に答える 1

23

前述のように、完全なスタック トレースを出力する必要があります。これを行う最も簡単な方法は、カスタマイズされた例外トランスレーターを Auth サーバー構成に挿入することです。以下の例を参照してください。

新しい例外トランスレーターを定義します。

    @Bean
    public WebResponseExceptionTranslator loggingExceptionTranslator() {
        return new DefaultWebResponseExceptionTranslator() {
            @Override
            public ResponseEntity<OAuth2Exception> translate(Exception e) throws Exception {
                // This is the line that prints the stack trace to the log. You can customise this to format the trace etc if you like
                e.printStackTrace();

                // Carry on handling the exception
                ResponseEntity<OAuth2Exception> responseEntity = super.translate(e);
                HttpHeaders headers = new HttpHeaders();
                headers.setAll(responseEntity.getHeaders().toSingleValueMap());
                OAuth2Exception excBody = responseEntity.getBody();
                return new ResponseEntity<>(excBody, headers, responseEntity.getStatusCode());
            }
        };
    }

次に、エンドポイントを構成するメソッドで例外トランスレーターをエンドポイントに追加します。

public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
            endpoints
            // Your usual config here .....
            .exceptionTranslator(loggingExceptionTranslator());
}

問題の診断に役立つ有用な情報がログに表示されます。

于 2016-11-10T18:24:28.550 に答える