尝试验证 azure 令牌时出现 401 错误
您好,我正在使用 使用哪个 azure-spring-boot-sample-active-directory 示例来验证来自 Vue.js 应用程序的 Spring Boot 应用程序中的访问令牌? 03-resource-server 代码来验证令牌。 但是我在使用 Postman 时总是收到 401 响应,并且没有 Body 响应。 可能是什么问题?过去几天我一直坚持这个问题请帮忙
配置:
@EnableWebSecurity
@Order(SecurityProperties.BASIC_AUTH_ORDER)
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
http.authorizeRequests()
.anyRequest().authenticated()
.and()
.oauth2ResourceServer()
.jwt()
.and();
}
}
控制器:
@RestController
@RequestMapping("/api")
public class HomeController {
@GetMapping("/asd")
@ResponseBody
public String home() {
return "Hello, this is resource server 1.";
}
}
application.yml
spring:
security:
oauth2:
resourceserver:
jwt:
jwk-set-uri: https://login.microsoftonline.com/{tenant-id}/discovery/keys
issuer-uri: https://login.microsoftonline.com/{tenant-id}/v2.0
pom.xml
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
</dependency>
Hi I'm using the Which azure-spring-boot-sample-active-directory example to use to validate access token in a Spring Boot application coming from a Vue.js application? 03-resource-server code to validate the token.
But I'm getting an 401 response all the time while using Postman and no Body in response.
what might be the issue? I'm stuck on this for last few days Please do help
Configuration:
@EnableWebSecurity
@Order(SecurityProperties.BASIC_AUTH_ORDER)
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
http.authorizeRequests()
.anyRequest().authenticated()
.and()
.oauth2ResourceServer()
.jwt()
.and();
}
}
Controller :
@RestController
@RequestMapping("/api")
public class HomeController {
@GetMapping("/asd")
@ResponseBody
public String home() {
return "Hello, this is resource server 1.";
}
}
application.yml
spring:
security:
oauth2:
resourceserver:
jwt:
jwk-set-uri: https://login.microsoftonline.com/{tenant-id}/discovery/keys
issuer-uri: https://login.microsoftonline.com/{tenant-id}/v2.0
pom.xml
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
</dependency>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您的 Java 代码看起来非常正确。我将首先向您的应用程序属性文件添加额外的日志记录,看看是否能告诉您任何信息,例如:
接下来,我将使用 JWT 查看器来查看该应用程序的 JWT 标头中是否有一个
nonce字段。访问令牌。如果是这样,那么验证将失败 - 请参阅这个我最近的回答,了解有关在 Azure AD 中公开 API 范围的更多信息。最后,您可以暂时尝试另一个库,它可能会给您更好的原因解释。请参阅 此 jose4j 代码 作为基于库的验证的示例。您可以将其粘贴到小型 Java 控制台应用程序中,并使用 Azure 访问令牌运行它。
Your Java code looks pretty correct. I would start with adding extra logging to your application properties file to see if that tells you anything, eg:
Next I would use a JWT viewer to see if there is a
noncefield in the JWT header of the access token. If so then it will fail validation - see this recent answer of mine for more info onexposing an API scopein Azure AD.Finally, you could try another library temporarily and it may give you a better explanation of the cause. See this jose4j code for an example of library based verification. You could paste that into a small Java console app and run it with an Azure access token.