spring-security - spring sas 0.2.0 access_token throw '访问被拒绝'
问题描述
我从“/oauth2/token”端点获得了 access_token。但是当我使用 access_token 查询其他自定义端点时,spring sas 0.2.0 会抛出“访问被拒绝”。
首先执行
curl --location --request POST 'http://127.0.0.1:9000/oauth2/token?grant_type=authorization_code&code=YeJIEhXpWDVkRiuCy3ARVHQDb9KJxrU0EF4LqT5CO_3t6fesQtNLWFPHYpm93ZmhvjSC3gNJh7EkC-Y8zjeUE7gG7PVYi0ZKFIHv2vosAHqllgdsy-2FEUFCJg01psrA&redirect_uri=https://www.baidu.com' \ --header 'Authorization: Basic bWVzc2FnaW5nLWNsaWVudDpzZWNyZXQ=' \ --header 'Cookie: JSESSIONID=984A845EEFA040BFE7114A49A31A207C'
回应是
{
"access_token": "eyJraWQiOiJhNzA2ODU0NS1kNGE3LTQzOWUtOWFjNS1lNjA3ZmE4M2FlYTQiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyMSIsImF1ZCI6Im1lc3NhZ2luZy1jbGllbnQiLCJuYmYiOjE2MzY0NDY1NzcsInNjb3BlIjpbIm1lc3NhZ2Uud3JpdGUiXSwiaXNzIjoiaHR0cDpcL1wvYXV0aC1zZXJ2ZXI6OTAwMCIsImV4cCI6MTYzNjQ0Njg3NywiaWF0IjoxNjM2NDQ2NTc3fQ.gK5ZQyHbV3vC1KkKuTp39BpSevKJPawy0ruXAUtICkTacz4hPv0u39lIf2Yze0-esq5D58YHOU2mcTE7RwGQDVjJVTxx9acV4a0bNcVM7H52I1QMCVWVYOl9fXmG8Z2aZFgEXP5TvmWaDh7ZZkG8iAxIexE72rlbkCB9P58_fkKLt9ui_lJGhDlD3ExKs2hcwyiDQmHugP3bpxGBX2rq_pnBN50oG0Tffur3fzTaO9pehxikjLCrbfAt94TeF3O7xrqvcHMRvUVR78pdN7Z4zEPCYWCq1bDEqXKUqdRfqxoK6JZJb4CpZXGC5I3eh9xg_1CSfbA3EKil0iKR0wUmog",
"refresh_token": "2jR_frg36Bzogz-Ul7_KQCokYLuWu2IKhW1fpL8YBZv_qrunTXN-UX7mwPcs0AXFf8ILnsiqbnz5q_Ant26VdElP5ts01SVF-lwq1BKMCM9H1Qls8qgXuKMENdE4-vUX",
"scope": "message.write",
"token_type": "Bearer",
"expires_in": 299
}
第二次执行
curl --location --request GET 'http://127.0.0.1:9000/abc/hello' \ --header 'Authorization: Bearer eyJraWQiOiJhNzA2ODU0NS1kNGE3LTQzOWUtOWFjNS1lNjA3ZmE4M2FlYTQiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyMSIsImF1ZCI6Im1lc3NhZ2luZy1jbGllbnQiLCJuYmYiOjE2MzY0NDY1NzcsInNjb3BlIjpbIm1lc3NhZ2Uud3JpdGUiXSwiaXNzIjoiaHR0cDpcL1wvYXV0aC1zZXJ2ZXI6OTAwMCIsImV4cCI6MTYzNjQ0Njg3NywiaWF0IjoxNjM2NDQ2NTc3fQ.gK5ZQyHbV3vC1KkKuTp39BpSevKJPawy0ruXAUtICkTacz4hPv0u39lIf2Yze0-esq5D58YHOU2mcTE7RwGQDVjJVTxx9acV4a0bNcVM7H52I1QMCVWVYOl9fXmG8Z2aZFgEXP5TvmWaDh7ZZkG8iAxIexE72rlbkCB9P58_fkKLt9ui_lJGhDlD3ExKs2hcwyiDQmHugP3bpxGBX2rq_pnBN50oG0Tffur3fzTaO9pehxikjLCrbfAt94TeF3O7xrqvcHMRvUVR78pdN7Z4zEPCYWCq1bDEqXKUqdRfqxoK6JZJb4CpZXGC5I3eh9xg_1CSfbA3EKil0iKR0wUmog' \ --header 'Cookie: JSESSIONID=230472D75BB8A81CC4EEDE46F83376A3'
响应是 http 状态 401
解决方案
推荐阅读
- c++ - __builtin__FUNCTION() 是否有 MSVC 等效项?
- reactjs - 如何使用带有 react native 的 react js npm 包
- powershell - 多个通配符/域的消息跟踪日志到一个 csv
- docker - Windows Docker 中的网络存储 (SMB/CIFS)
- sql-server - ASP.NET MVC 以有限的访问权限连接到 DSN
- webpack - 放置在 Project 文件夹之外的 Webpack 捆绑文件
- php - Ionic 3 - 如何将 id 参数传递给“http delete”函数并仅删除特定用户?
- ios - UITabBar 项目在 iOS 12.1 上跳转后退导航
- python - 我想比较列表中索引的值,但一个索引不存在,我该如何处理该错误
- r - 如何使用knitr在代码块内的子图中插入分页符