为什么使用Swagger和OIDC会收到“无法从服务器读取错误信息”?
[英]Why am I getting 'Can't read from server error' with Swagger and OIDC?
问题描述
I have added OIDC via call to a MITREid server on a different domain to a swagger app. 
我已经通过调用到Svagger应用程序不同域中的MITREid服务器来添加OIDC。 I have set redirect URI to http://localhost:8080/swagger-ui.html When I authorise I am getting: 我已将重定向URI设置为http://localhost:8080/swagger-ui.html授权后,我将得到:
Can't read from server. It may not have the appropriate
access-control-origin settings
error. 错误。
My web-security-config is: 我的网络安全配置是:
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Value("${security.activation.status}")
private boolean securityActivationStatus;
@Value("${security.user.name}")
private String builtinUserName;
@Value("${security.user.password}")
private String builtinPassword;
@Autowired
private OAuth2RestTemplate restTemplate;
*/
String[] apiPath = {
"/v2/api-docs",
"/configuration/ui",
"/swagger-resources",
"/configuration/security",
"/swagger-ui.html",
"/webjars/**"
};
@Override
protected void configure(HttpSecurity http) throws Exception {
System.out.println("securityActivationStatus=" + securityActivationStatus);
if (!securityActivationStatus)
http.authorizeRequests().anyRequest().permitAll();
else {
http
.addFilterAfter(new OAuth2ClientContextFilter(), AbstractPreAuthenticatedProcessingFilter.class)
.addFilterAfter(myFilter(), OAuth2ClientContextFilter.class)
.httpBasic().authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/openid_connect_login"))
.and()
.authorizeRequests()
.antMatchers(apiPath).permitAll()
.antMatchers("/v1/**").authenticated();
}
http.csrf().disable();
http.headers().frameOptions().disable();
}
@Bean
public OpenIdConnectFilter myFilter() {
final OpenIdConnectFilter filter = new OpenIdConnectFilter("/openid_connect_login");
filter.setRestTemplate(restTemplate);
return filter;
}
POM includes: POM包括:
<properties>
<springfox.version>2.7.0</springfox.version>
<swagger.version>1.5.17</swagger.version>
<swagger2markup.version>1.3.1</swagger2markup.version>
<!-- For CheckStyle -->
<linkXRef>false</linkXRef>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<spring-security-oauth2.version>2.2.1.RELEASE</spring-security-oauth2.version>
<spring-security-jwt.version>1.0.9.RELEASE</spring-security-jwt.version>
<jwks-rsa.version>0.3.0</jwks-rsa.version>
<mitreid-connect-version>1.3.1</mitreid-connect-version>
</properties>
Form my research it seems this might be to do with CORS. 从我的研究看来,这可能与CORS有关。 Does that sound like a likely problem or is my code maybe missing something? 这听起来像是一个可能的问题,还是我的代码可能缺少一些东西? If it is CORS can you point me in the right direction of how to sort it? 如果是CORS,您能指出我正确排序的方向吗? I am a complete noob to swagger. 我是个完全不懂事的菜鸟。
2 个解决方案
解决方案1
0 2019-03-24 17:57:39
Enable the cors : 启用cors:
@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class CorsFilter implements Filter {
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
final HttpServletResponse response = (HttpServletResponse) res;
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Allow-Headers", "Authorization, Content-Type");
if (HttpMethod.OPTIONS.name().equalsIgnoreCase(((HttpServletRequest) req).getMethod())) {
response.setStatus(HttpServletResponse.SC_OK);
} else {
chain.doFilter(req, res);
}
}
@Override
public void destroy() {
}
@Override
public void init(FilterConfig config) throws ServletException {
}
}
解决方案2
0 已采纳 2019-04-01 16:04:48
如果它可以帮助某人,则答案为/openid_connect_login是错误的uri。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.