spring - 尝试检索 OAuth 2.0 访问令牌响应时出错:POST 请求中的 I/O 错误
问题描述
我正在开发 Spring Boot 和 Spring Security OAuth2 客户端示例,尝试使用 facebook 进行 SSO 低于错误
[invalid_token_response] 尝试检索 OAuth 2.0 访问令牌响应时出错:“https://graph.facebook.com/v2.8/oauth/access_token”的 POST 请求出现 I/O 错误:PKIX 路径构建失败: sun.security.provider.certpath.SunCertPathBuilderException:无法找到请求目标的有效证书路径;嵌套异常是 javax.net.ssl.SSLHandshakeException:PKIX 路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法找到请求目标的有效证书路径
pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.4.5</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.example</groupId>
<artifactId>spring-security-oauth-ex1</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>spring-security-oauth-ex1</name>
<description>Demo project for Spring Boot</description>
<properties>
<java.version>1.8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<configuration>
<excludes>
<exclude>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
</exclude>
</excludes>
</configuration>
</plugin>
</plugins>
</build>
</project>
应用程序.yml
server:
port: 8080
logging:
level:
root: INFO
com.memorynotfound: INFO
org.springframework.web: INFO
org.springframework.security: DEBUG
spring:
security:
oauth2:
client:
registration:
facebook:
client-id: 156900623068997
client-secret:
投资组合.html
<!DOCTYPE html>
<html>
<head>
<meta charset="ISO-8859-1">
<title>Insert title here</title>
</head>
<body>
Welcome to your portfolio
</body>
</html>
投资组合控制器.java
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
@Controller
public class PortfolioController {
@GetMapping("/portfolio")
public String portfolio() {
return "portfolio";
}
}
令牌控制器.java
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
public class TokenController {
@GetMapping("/token")
public String getAccessToken() {
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
DefaultOidcUser principal = (DefaultOidcUser) auth.getPrincipal();
return principal.getIdToken().getTokenValue();
}
}
解决方案
也许尝试以某种方式使用@AuthenticationPrincipal,例如:
@RestController
public class TokenController {
@GetMapping("/token")
public String getAccessToken(@AuthenticationPrincipal OidcUser principal) {
OidcIdToken idToken = principal.getIdToken();
String idTokenValue = idToken.getTokenValue();
return idTokenValue ;
}
}
推荐阅读
- javascript - 在对象中的对象数组中查找属性的最大值
- amazon-web-services - 使用 AWS Amplify 认证用户与 ALB 或 API 网关通信?
- ios - UIStackView - 将图像定位在兄弟的边缘
- php - 如何使此选项卡默认处于活动状态?
- google-sheets - 如何将上面单元格中的日期与一列日期匹配,并将单元格左侧的值带到匹配的单元格
- java - Jackson ObjectMapper 使用 Json 字符串键反序列化 Map
- scala - 使用 alpakka-elasticsearch 客户端进行弹性搜索多查询
- php - 如何处理包含单个文件的提交的重力表格
- vba - 访问错误 2683 - 此控件中没有对象
- javascript - 自定义 HTML 复选框标签