Closed VINO42 closed 4 years ago
I had config this in AuthorizationServerConfig
@Override public void configure(AuthorizationServerSecurityConfigurer oauthServer) { oauthServer.allowFormAuthenticationForClients().checkTokenAccess("permitAll()"); }
so we can exlude this config cause
i seems like the same problem
Thanks for getting in touch, but it feels like this is a question that would be better suited to Stack Overflow. As mentioned in the guidelines for contributing, we prefer to use GitHub issues only for bugs and enhancements. Feel free to update this issue with a link to the re-posted question (so that other people can find it) or add some more details if you feel this is a genuine bug.
It works well under SpringCloud SR1 . lol
Summary
When I use SSO (Spring-Security-oauth) with springcloud , I got a strange problem, I can get the access token , but when I use the check_token api it seems somethingwrong, BTW, I use springcloud It seems when request the check_token uri ,response with wrong contentType,so it use MappingJackson2XmlHttpMessageConverter to converter the response . So , what should I do ,is there some configuration wrong? or is it a bug?
Actual Behavior
in check_token uri response map , the value of active is String type . the response contentType is application/xml;charset=UTF-8 like this: application/xml;charset=UTF-8 (value of content-type , the response of check_token uri ) the response map:
relative codes: RemoteTokenServices
public OAuth2Authentication loadAuthentication(String accessToken) throws AuthenticationException, InvalidTokenException { MultiValueMap<String, String> formData = new LinkedMultiValueMap(); formData.add(this.tokenName, accessToken); HttpHeaders headers = new HttpHeaders(); headers.set("Authorization", this.getAuthorizationHeader(this.clientId, this.clientSecret)); Map<String, Object> map = this.postForMap(this.checkTokenEndpointUrl, formData, headers); if (map.containsKey("error")) { if (this.logger.isDebugEnabled()) { this.logger.debug("check_token returned error: " + map.get("error")); } throw new InvalidTokenException(accessToken); //!!!ATTENTION! BELOW CODES IS THE REASON!!! } else if (!Boolean.TRUE.equals(map.get("active"))) { this.logger.debug("check_token returned active attribute: " + map.get("active")); throw new InvalidTokenException(accessToken); } else { return this.tokenConverter.extractAuthentication(map); } }
HttpMessageConverterExtractorpublic T extractData(ClientHttpResponse response) throws IOException { MessageBodyClientHttpResponseWrapper responseWrapper = new MessageBodyClientHttpResponseWrapper(response); if (responseWrapper.hasMessageBody() && !responseWrapper.hasEmptyMessageBody()) { //!!!HERE GET THE WRONG CONTENT-TYPE!!! MediaType contentType = this.getContentType(responseWrapper); try { Iterator var4 = this.messageConverters.iterator(); while(var4.hasNext()) { HttpMessageConverter<?> messageConverter = (HttpMessageConverter)var4.next(); if (messageConverter instanceof GenericHttpMessageConverter) { GenericHttpMessageConverter<?> genericMessageConverter = (GenericHttpMessageConverter)messageConverter; if (genericMessageConverter.canRead(this.responseType, (Class)null, contentType)) { if (this.logger.isDebugEnabled()) { ResolvableType resolvableType = ResolvableType.forType(this.responseType); this.logger.debug("Reading to [" + resolvableType + "]"); } return genericMessageConverter.read(this.responseType, (Class)null, responseWrapper); } } if (this.responseClass != null && messageConverter.canRead(this.responseClass, contentType)) { if (this.logger.isDebugEnabled()) { String className = this.responseClass.getName(); this.logger.debug("Reading to [" + className + "] as \"" + contentType + "\""); } return messageConverter.read(this.responseClass, responseWrapper); } } } catch (HttpMessageNotReadableException | IOException var8) { throw new RestClientException("Error while extracting response for type [" + this.responseType + "] and content type [" + contentType + "]", var8); } throw new RestClientException("Could not extract response: no suitable HttpMessageConverter found for response type [" + this.responseType + "] and content type [" + contentType + "]"); } else { return null; } }
and the messageConverters in class HttpMessageConverterExtractor: and the response content-type in class HttpMessageConverterExtractor:Expected Behavior
in check_token uri response map , the value of active should be Boolean type,and the response contentType should be application/json.
Configuration
Version
SpringCloud version: Hoxton.SR3
Sample
no sample sorry.