一、错误信息
- Could not decode JSON for additional information: BaseClientDetails
2019-12-03 22:18:37.239 WARN 19120 --- [nio-8100-exec-4] o.s.s.o.p.c.JdbcClientDetailsService : Could not decode JSON for additional information: BaseClientDetails [clientId=c1, clientSecret=$2a$10$NlBC84MVb7F95EXYTXwLneXgCca6/GipyWR5NHm8K0203bSQMLpvm, scope=[ROLE_ADMIN, ROLE_USER, ROLE_API], resourceIds=[res1], authorizedGrantTypes=[client_credentials, password, authorization_code, implicit, refresh_token], registeredRedirectUris=[http://www.baidu.com], authorities=[], accessTokenValiditySeconds=7200, refreshTokenValiditySeconds=259200, additionalInformation={}]
java.io.EOFException: No content to map to Object due to end of input
at org.codehaus.jackson.map.ObjectMapper._initForReading(ObjectMapper.java:2775) ~[jackson-mapper-asl-1.9.13.jar:1.9.13]
at org.codehaus.jackson.map.ObjectMapper._readMapAndClose(ObjectMapper.java:2718) ~[jackson-mapper-asl-1.9.13.jar:1.9.13]
at org.codehaus.jackson.map.ObjectMapper.readValue(ObjectMapper.java:1863) ~[jackson-mapper-asl-1.9.13.jar:1.9.13]
at org.springframework.security.oauth2.provider.client.JdbcClientDetailsService$JacksonMapper.read(`JdbcClientDetailsService.java:309`) ~[spring-security-oauth2-2.3.4.RELEASE.jar:na]
at org.springframework.security.oauth2.provider.client.JdbcClientDetailsService$ClientDetailsRowMapper.mapRow(JdbcClientDetailsService.java:268) [spring-security-oauth2-2.3.4.RELEASE.jar:na]
at org.springframework.security.oauth2.provider.client.JdbcClientDetailsService$ClientDetailsRowMapper.mapRow(JdbcClientDetailsService.java:251) [spring-security-oauth2-2.3.4.RELEASE.jar:na]
at org.springframework.jdbc.core.RowMapperResultSetExtractor.extractData(RowMapperResultSetExtractor.java:94) [spring-jdbc-5.1.10.RELEASE.jar:5.1.10.RELEASE]
at org.springframework.jdbc.core.RowMapperResultSetExtractor.extractData(RowMapperResultSetExtractor.java:61) [spring-jdbc-5.1.10.RELEASE.jar:5.1.10.RELEASE]
根据错消息定位到 JdbcClientDetailsService.java 这个类,查看源码可以知道查出的数据中有一个空数据转json报错
查看数据库果然 additional_information 字段都是空的。然后在数据库中先添加了测试字符串,发现还是报同样的错误。
最后百度+google终于在网址找到了下面这两篇文章。
1.根据这篇文章里的介绍这是一个预留的字段 https://blog.csdn.net/u011676300/article/details/84390988
二、错误信息
{"error":"method_not_allowed","error_description":"Request method 'GET' not supported"}
原因:security 默认只支持post方式获取token,如果需要实用get方式的话需要修改security的配置
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.authenticationManager(authenticationManager)
.tokenServices(tokenService())
.authorizationCodeServices(authorizationCodeServices())
.allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST);// 默认只能通过post
}
三、重定向问题
当使用授权码认证模式的话,通过zuul网关访问:`http://localhost:8111/security/oauth/authorize?client_id=c1&response_type=code`,会重定向到
认证服务器的ip和端口
解决:
zuul:
routes:
# 添加代理投
add-proxy-headers: true
# 此处解决后端服务重定向导致用户浏览的 host 变成 后端服务的 host 问题
add-host-header: true
加上之后,ip和端口就不会改为认证服务器的地址
http://localhost:8111/security/oauth/authorize?client_id=c1&response_type=code
