统一认证中心 Oauth2 认证坑

cas-server-url: http://cas-server-service #这里配置成HA地址
security:  oauth2: #与cas-server对应的配置    client:      client-id: admin-web      client-secret: admin-web-123      user-authorization-uri: ${cas-server-url}/oauth/authorize #是授权码认证方式需要的      access-token-uri: ${cas-server-url}/oauth/token #是密码模式需要用到的获取 token 的接口    resource:      loadBalanced: true      id: admin-web      user-info-uri: ${cas-server-url}/api/user #指定user info的URI      prefer-token-info: false

/** * 返回发现的所有服务 * @author Damon * @date 2021年11月2日 下午8:18:44 * @return * */@PreAuthorize("hasRole('admin')")  @GetMapping(value = "/getService")    public String getService(){    HttpHeaders headers = new HttpHeaders();    MediaType type = MediaType.parseMediaType("application/json; charset=UTF-8");    headers.setContentType(type);    headers.add("Accept", MediaType.APPLICATION_JSON.toString());    HttpEntity<String> formEntity = new HttpEntity<String>(null, headers);    String body = "";    try {      ResponseEntity<String> responseEntity = restTemplate.exchange("http://cas-server/api/v1/user",          HttpMethod.GET, formEntity, String.class);      if (responseEntity.getStatusCodeValue() == 200) {        return "ok";      }    } catch (Exception e) {      System.out.println(e.getMessage());    }    return body;    }

2021-11-03 15:59:09.385 DEBUG 127896 --- [io2-2001-exec-4] org.springframework.web.HttpLogging      : HTTP GET http://cas-server/auth/user2021-11-03 15:59:09.389 DEBUG 127896 --- [io2-2001-exec-4] org.springframework.web.HttpLogging      : Accept=[application/json, application/*+json]2021-11-03 15:59:09.427 DEBUG 127896 --- [io2-2001-exec-4] org.springframework.web.HttpLogging      : Response 404 NOT_FOUND2021-11-03 15:59:09.446 DEBUG 127896 --- [io2-2001-exec-4] o.s.w.c.HttpMessageConverterExtractor    : Reading to [org.springframework.security.oauth2.common.exceptions.OAuth2Exception]2021-11-03 15:59:09.456  WARN 127896 --- [io2-2001-exec-4] o.s.b.a.s.o.r.UserInfoTokenServices      : Could not fetch user details: class org.springframework.web.client.HttpClientErrorException$NotFound, 404 : [{"timestamp":"2021-11-03T07:59:09.423+00:00","status":404,"error":"Not Found","message":"","path":"/auth/user"}]2021-11-03 15:59:09.457 ERROR 127896 --- [io2-2001-exec-4] c.l.h.CustomAuthenticationEntryPoint     : 无效的token，请重新认证访问{"data":"b34841b4-61fa-4dbb-9e2b-76496deb27b4","result":{"code":20202,"msg":"未认证","status":401}}

2021-11-03 15:59:09.407 DEBUG 54492 --- [o2-2000-exec-15] o.s.web.servlet.DispatcherServlet        : GET "/auth/user", parameters={}2021-11-03 15:59:09.409 DEBUG 54492 --- [o2-2000-exec-15] o.s.w.s.handler.SimpleUrlHandlerMapping  : Mapped to ResourceHttpRequestHandler ["classpath:/META-INF/resources/", "classpath:/resources/", "classpath:/static/", "classpath:/public/"]2021-11-03 15:59:09.413 DEBUG 54492 --- [o2-2000-exec-15] o.s.w.s.r.ResourceHttpRequestHandler     : Resource not found2021-11-03 15:59:09.414 DEBUG 54492 --- [o2-2000-exec-15] o.s.web.servlet.DispatcherServlet        : Completed 404 NOT_FOUND2021-11-03 15:59:09.422 DEBUG 54492 --- [o2-2000-exec-15] o.s.web.servlet.DispatcherServlet        : "ERROR" dispatch for GET "/error", parameters={}2021-11-03 15:59:09.423 DEBUG 54492 --- [o2-2000-exec-15] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped to org.springframework.boot.autoconfigure.web.servlet.error.BasicErrorController#error(HttpServletRequest)2021-11-03 15:59:09.424 DEBUG 54492 --- [o2-2000-exec-15] o.s.w.s.m.m.a.HttpEntityMethodProcessor  : Using 'application/json', given [application/json] and supported [application/json, application/*+json, application/json, application/*+json, application/json, application/*+json]2021-11-03 15:59:09.424 DEBUG 54492 --- [o2-2000-exec-15] o.s.w.s.m.m.a.HttpEntityMethodProcessor  : Writing [{timestamp=Wed Nov 03 15:59:09 CST 2021, status=404, error=Not Found, message=, path=/auth/user}]2021-11-03 15:59:09.426 DEBUG 54492 --- [o2-2000-exec-15] o.s.web.servlet.DispatcherServlet        : Exiting from "ERROR" dispatch, status 404

@GetMapping("/api/v1/user")    public Authentication user(Map map, Principal user, Authentication auth) {        //获取当前用户信息      logger.info("cas-server provide user: " + JSON.toJSONString(auth));        return auth;    }

cas-server-url: http://cas-server
security:  path:    ignores: /,/index,/static/**,/css/**, /image/**, /favicon.ico, /js/**,/plugin/**,/avue.min.js,/img/**,/fonts/**  oauth2:    client:      client-id: rest-service      client-secret: rest-service-123      user-authorization-uri: ${cas-server-url}/oauth/authorize      access-token-uri: ${cas-server-url}/oauth/token    resource:      loadBalanced: true      id: rest-service      prefer-token-info: false      user-info-uri: ${cas-server-url}/api/v1/user    authorization:      check-token-access: ${cas-server-url}/oauth/check_token

"authorities": [ { "authority": "ROLE_admin" }, { "authority": "admin" }

{ "authorities": [ { "authority": "ROLE_admin" }, { "authority": "admin" } ], "details": { "remoteAddress": "0:0:0:0:0:0:0:1", "sessionId": null, "tokenValue": "b34841b4-61fa-4dbb-9e2b-76496deb27b4", "tokenType": "bearer", "decodedDetails": null }, "authenticated": true, "userAuthentication": { "authorities": [ { "authority": "ROLE_admin" }, { "authority": "admin" } ], "details": { "authorities": [ { "authority": "ROLE_admin" }, { "authority": "admin" } ], "details": { "remoteAddress": "169.254.200.12", "sessionId": null, "tokenValue": "b34841b4-61fa-4dbb-9e2b-76496deb27b4", "tokenType": "Bearer", "decodedDetails": null }, "authenticated": true, "userAuthentication": { "authorities": [ { "authority": "ROLE_admin" }, { "authority": "admin" } ],...