
Spring Security OAuth2 JWT refresh token returns “Authentication failed: invalid_token Cannot convert access token to JSON”

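I have implemented spring-security-oauth2 with JWT and initial authentication; requests to resources are working fine, as is the token enhancer. When I try to get a new JWT using the refresh token, I get the error "cannot convert access token to JSON".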

public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
    // ....
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints
                .tokenStore(tokenStore())
                .authenticationManager(authenticationManager)
                .accessTokenConverter(accessTokenConverter())
                .reuseRefreshTokens(false)
                .userDetailsService(userDetailsService);
    }
    @Bean
    public TokenStore tokenStore() {
        return new JwtTokenStore(accessTokenConverter());
    }

    @Bean
    JwtAccessTokenConverter accessTokenConverter() {
        JwtAccessTokenConverter converter = new CustomTokenEnhancer();
        converter.setSigningKey(jwtSigningKey);
        converter.setVerifierKey(jwtSigningKey);
        return converter;
    }
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        Base64Utility base64 = new Base64Utility();
        clients.inMemory()
                .withClient(ApplicationConstants.CLIENT)
                .resourceIds(securityConstants.audience)
                .secret(...)
                .scopes(AuthorizationConstants.READ)
                .authorizedGrantTypes("password", "refresh_token")
                .accessTokenValiditySeconds(securityConstants.getAccessTokenValiditySeconds())
                .refreshTokenValiditySeconds(securityConstants.getRefreshTokenValiditySeconds());
    }
}

The returned access_token is a normal three.part.token, while the refresh_token looks like this: 22cc0513-8a19-42bb-9bd4-631c6758a273

I am using the following JavaScript code to try to refresh it:

function refreshToken() {
    var client = jwtForm.client.value;
    var clientSecret = getClientSecret();

    var data = "grant_type=refresh_token&refresh_token=" + jwt.refresh_token;

    var xhr = new XMLHttpRequest();
    xhr.open("POST", authServer + "/oauth/token");
    xhr.setRequestHeader ("Authorization", "Basic " + btoa(client + ":" + atob(clientSecret)));
    xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");

    xhr.onreadystatechange = function () {
        if(xhr.readyState == 4) {
            processResponse(xhr);
        }
    };
    xhr.send(data);
}

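Any ideas?

The problem was in my custom JwtAccessTokenConverter. If you are not going to create your own refresh token, you have to call super.enhance in the enhance method. Once I called super.enhance, it created a JWT refresh token.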
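Added example, not the poster's code (the page does not show the body of CustomTokenEnhancer): a JwtAccessTokenConverter subclass that adds a claim and then delegates to super.enhance, which is the step that re-encodes the UUID refresh token as a signed JWT. JwtTokenStore keeps no server-side state and decodes the presented refresh_token as a JWT, so an opaque UUID fails with "Cannot convert access token to JSON". The claim name and the final sanity check are assumptions made for illustration.

```java
import java.util.LinkedHashMap;
import java.util.Map;

import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2RefreshToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;

// Hypothetical reconstruction of the custom converter named in the question.
public class CustomTokenEnhancer extends JwtAccessTokenConverter {

    @Override
    public OAuth2AccessToken enhance(OAuth2AccessToken accessToken,
                                     OAuth2Authentication authentication) {
        // Work on a mutable copy so custom claims can be attached.
        DefaultOAuth2AccessToken result = new DefaultOAuth2AccessToken(accessToken);

        Map<String, Object> info =
                new LinkedHashMap<>(accessToken.getAdditionalInformation());
        info.put("principal_name", authentication.getName()); // constructed sample claim
        result.setAdditionalInformation(info);

        // Delegate to JwtAccessTokenConverter: it signs the access token and
        // replaces the UUID refresh token with a signed JWT. Returning `result`
        // here instead would skip that encoding.
        OAuth2AccessToken enhanced = super.enhance(result, authentication);

        // Fail fast if the refresh token is still opaque; JwtTokenStore would
        // otherwise reject it only later, at the refresh_token grant.
        OAuth2RefreshToken refresh = enhanced.getRefreshToken();
        if (refresh != null && refresh.getValue().split("\\.").length != 3) {
            throw new IllegalStateException("refresh token was not encoded as a JWT");
        }
        return enhanced;
    }
}
```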
