你能告诉我为什么下面的 javascript 代码并不总是在下面的简单 index.html 中出现吗?
[英]Can you please let me know why the following javascript code is not always hitting in the following simple index.html?
问题描述
I am following https://spring.io/guides/tutorials/spring-boot-oauth2/ and reference to source code is https://github.com/spring-guides/tut-spring-boot-oauth2/tree/main/click .
我正在关注https://spring.io/guides/tutorials/spring-boot-oauth2/并且对源代码的引用是https://github.com/spring-guides/tut-spring-boot-oauth2/tree/main /点击。 But you don't need to understand the full code.但是您不需要了解完整的代码。 I have one basic question.我有一个基本问题。
Basically whenever I am loading the page the callback method in $.get("/user", function(data) { is not always hitting.基本上每当我加载页面时, $.get("/user", function(data) { 中的回调方法并不总是命中。
What does the $.get("/user") - refers to. $.get("/user") - 指的是什么。 Isn't it mean hitting the /user endpoint provided by the Spring-boot-app.这不是说命中 Spring-boot-app 提供的/user端点吗? And the breakpoint in java (end-point user) and javascript (callback) method [which is making the authenticated class div to be visible and hide unauthenticated ] are not always hitting - they only hit once the authentication is successful.并且 java(端点用户)和 javascript(回调)方法 [使经过身份验证的类 div 可见并隐藏未经身份验证] 中的断点并不总是命中 - 它们仅在身份验证成功后命中。
Question问题
Why the breakpoints in Java and Javascript are not always hitting?为什么 Java 和 Javascript 中的断点并不总是命中? it's only hitting when the app is successfully authenticated with github.只有当应用程序成功通过 github 进行身份验证时才会触发。 But I'm thinking its something to do with the basics of - jquery, html and javascript rather than related to oauth2 flow here.但我认为它与 jquery、html 和 javascript 的基础知识有关,而不是与此处的 oauth2 流程有关。
Can you please let me know the details?你能告诉我细节吗? Do let me know if you have any questions in case the question is not clear.如果您有任何问题,请告诉我,以防问题不清楚。
@GetMapping("/user")
public Map<String, Object> user() {
return Collections.singletonMap("name", "foo");
}
<body>
<h1>Login</h1>
<div class="container unauthenticated">
With GitHub: <a href="/oauth2/authorization/github">click here</a>
</div>
<div class="container authenticated" style="display: none">
Logged in as: <span id="user"></span>
</div>
<script type="text/javascript">
$.get("/user", function(data) {
$("#user").html(data.name);
$(".unauthenticated").hide()
$(".authenticated").show()
});
</script>
</body>
1 个解决方案
解决方案1
0 已采纳 2021-07-17 05:36:31
Actually, I got it.事实上,我明白了。 It's always hitting /user end-point, but when its not authenticated in-network table I do see 401 for /user end-point.它总是到达 /user 端点,但是当它未经过身份验证的网络内表时,我确实看到了 /user 端点的 401。
And its because of the below configuration in the Controller - which should be enforcing oauth2Login (ie; filter chain must be not letting the request to come to controller)这是因为控制器中的以下配置 - 应该强制执行 oauth2Login (即;过滤器链必须不让请求到达控制器)
And looking at the documentaton bit closely also expalined - just copying the exceprt from the tutorial documentation.并仔细查看文档位也解释了 - 只需从教程文档中复制 exceprt。
You won't see anything about /user in this configuration, though.
Finally, since we are interfacing with the backend over Ajax, we'll want to configure endpoints to respond with a 401 instead of the default behavior of redirecting to a login page.
. .
@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
http
.authorizeRequests(a -> a
.antMatchers("/", "/error", "/webjars/**").permitAll()
.anyRequest().authenticated()
)
.exceptionHandling(e -> e
.authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED))
)
.oauth2Login();
// @formatter:on
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.