确认 oauth2 批准流程后,Princial 是 null 在服务 /oauth/authorize (http post in approveOrDeny)
[英]Princial is null in service /oauth/authorize (http post in approveOrDeny) after confirm oauth2 approval flow
问题描述
I'm using the spring security oauth2 approval page, which when i authorize a request is sent as a "post" to "/oauth/authorize" (method approveOrDeny from class AuthorizationEndpoint), however one of the parameters of this service is null, which would be "principal". 
I'm using the spring security oauth2 approval page, which when i authorize a request is sent as a "post" to "/oauth/authorize" (method approveOrDeny from class AuthorizationEndpoint), however one of the parameters of this service is null,这将是“主要的”。
The spring oauth page, when i click in authorize ( https://i.imgur.com/rJvCUo9.jpg ) spring oauth 页面,当我点击授权时( https://i.imgur.com/rJvCUo9.jpg )
Does anybody knowns why this parameter (Principal principal) is null?有谁知道为什么这个参数(Principal principal)是null?
This is the spring method which has the principal null这是 spring 方法,它具有主要的 null
public View approveOrDeny(@RequestParam Map<String, String> approvalParameters, Map<String, ?> model,
SessionStatus sessionStatus, Principal principal) {
if (!(principal instanceof Authentication)) {
sessionStatus.setComplete();
throw new InsufficientAuthenticationException(
"User must be authenticated with Spring Security before authorizing an access token.");
}
...
...
1 个解决方案
解决方案1
0 2019-10-22 11:35:28
I found out the problem, i had a class that was extending DefaultRedirectResolver and in the overrided method resolveRedirect i was calling SecurityContextHolder.clearContext()我发现了问题,我有一个 class 正在扩展 DefaultRedirectResolver 并且在覆盖的方法 resolveRedirect 中我正在调用 SecurityContextHolder.clearContext()
Just removindo SecurityContextHolder.clearContext() the principal came filled.只需删除 SecurityContextHolder.clearContext() 即可填充主体。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.