1. 技术文章
  2. Spring Security OAuth oauth/token_key returns 404 - error: not Found

Spring Security OAuth oauth/token_key returns 404 - error: not Found

允我心安 提交于 2020-12-16 02:19:44

问题


I am trying to build Authorization Server using Spring Security.

Code is available on git - https://github.com/bharatnpti/SpringAuthServerSO

I have implemented JWT, everything is working fine for example - generation of token, check_token.

However the endpoint oauth/token_key is giving error - 404, not found.

Have tried the following access for token_key :-

  1. tokenKeyAccess("permitAll() || isAnonymous()")
  2. tokenKeyAccess("permitAll()")

Below are the logs for token_key request :-

2020-12-07 03:22:28.453 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/test/oauth/token'] 2020-12-07 03:22:28.453 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/test/oauth/token_key'; against '/test/oauth/token' 2020-12-07 03:22:28.453 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/test/oauth/token_key'] 2020-12-07 03:22:28.453 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/test/oauth/token_key'; against '/test/oauth/token_key' 2020-12-07 03:22:28.453 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.web.util.matcher.OrRequestMatcher : matched 2020-12-07 03:22:28.453 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /test/oauth/token_key at position 1 of 11 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter' 2020-12-07 03:22:28.453 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /test/oauth/token_key at position 2 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter' 2020-12-07 03:22:28.453 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /test/oauth/token_key at position 3 of 11 in additional filter chain; firing Filter: 'HeaderWriterFilter' 2020-12-07 03:22:28.453 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /test/oauth/token_key at position 4 of 11 in additional filter chain; firing Filter: 'LogoutFilter' 2020-12-07 03:22:28.453 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', GET] 2020-12-07 03:22:28.453 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/test/oauth/token_key'; against '/logout' 2020-12-07 03:22:28.453 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', POST] 2020-12-07 03:22:28.453 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /test/oauth/token_key' doesn't match 'POST /logout' 2020-12-07 03:22:28.453 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', PUT] 2020-12-07 03:22:28.454 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /test/oauth/token_key' doesn't match 'PUT /logout' 2020-12-07 03:22:28.454 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', DELETE] 2020-12-07 03:22:28.454 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /test/oauth/token_key' doesn't match 'DELETE /logout' 2020-12-07 03:22:28.454 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.web.util.matcher.OrRequestMatcher : No matches found 2020-12-07 03:22:28.454 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /test/oauth/token_key at position 5 of 11 in additional filter chain; firing Filter: 'BasicAuthenticationFilter' 2020-12-07 03:22:28.456 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.a.www.BasicAuthenticationFilter : Basic Authentication Authorization header found for user '1' 2020-12-07 03:22:28.456 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.authentication.ProviderManager : Authentication attempt using org.springframework.security.authentication.dao.DaoAuthenticationProvider 2020-12-07 03:22:28.456 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.a.www.BasicAuthenticationFilter : Authentication success: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@ffff4c91: Principal: org.springframework.security.core.userdetails.User@31: Username: 1; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Not granted any authorities; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Not granted any authorities 2020-12-07 03:22:28.456 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /test/oauth/token_key at position 6 of 11 in additional filter chain; firing Filter: 'RequestCacheAwareFilter' 2020-12-07 03:22:28.456 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.s.HttpSessionRequestCache : saved request doesn't match 2020-12-07 03:22:28.456 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /test/oauth/token_key at position 7 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter' 2020-12-07 03:22:28.456 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /test/oauth/token_key at position 8 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter' 2020-12-07 03:22:28.456 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.a.AnonymousAuthenticationFilter : SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@ffff4c91: Principal: org.springframework.security.core.userdetails.User@31: Username: 1; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Not granted any authorities; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Not granted any authorities' 2020-12-07 03:22:28.456 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /test/oauth/token_key at position 9 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter' 2020-12-07 03:22:28.456 DEBUG 1432 --- [nio-5555-exec-6] s.CompositeSessionAuthenticationStrategy : Delegating to org.springframework.security.web.authentication.session.ChangeSessionIdAuthenticationStrategy@cd5ff55 2020-12-07 03:22:28.456 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /test/oauth/token_key at position 10 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter' 2020-12-07 03:22:28.456 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /test/oauth/token_key at position 11 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor' 2020-12-07 03:22:28.456 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/test/oauth/token_key'; against '/test/oauth/token' 2020-12-07 03:22:28.456 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/test/oauth/token_key'; against '/test/oauth/token_key' 2020-12-07 03:22:28.457 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.a.i.FilterSecurityInterceptor : Secure object: FilterInvocation: URL: /test/oauth/token_key; Attributes: [permitAll() || isAnonymous()] 2020-12-07 03:22:28.457 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.a.i.FilterSecurityInterceptor : Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@ffff4c91: Principal: org.springframework.security.core.userdetails.User@31: Username: 1; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; credentialsNonExpired: true; AccountNonLocked: true; Not granted any authorities; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Not granted any authorities 2020-12-07 03:22:28.457 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.access.vote.AffirmativeBased : Voter: org.springframework.security.web.access.expression.WebExpressionVoter@56707676, returned: 1 2020-12-07 03:22:28.457 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.a.i.FilterSecurityInterceptor : Authorization successful 2020-12-07 03:22:28.457 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.a.i.FilterSecurityInterceptor : RunAsManager did not change Authentication object 2020-12-07 03:22:28.457 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /test/oauth/token_key reached end of additional filter chain; proceeding with original chain 2020-12-07 03:22:28.459 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@39309083 2020-12-07 03:22:28.460 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.a.ExceptionTranslationFilter : Chain processed normally 2020-12-07 03:22:28.461 DEBUG 1432 --- [nio-5555-exec-6] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed 2020-12-07 03:22:28.462 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/test/oauth/token'] 2020-12-07 03:22:28.462 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/error'; against '/test/oauth/token' 2020-12-07 03:22:28.462 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/test/oauth/token_key'] 2020-12-07 03:22:28.462 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/error'; against '/test/oauth/token_key' 2020-12-07 03:22:28.462 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/test/oauth/check_token'] 2020-12-07 03:22:28.462 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/error'; against '/test/oauth/check_token' 2020-12-07 03:22:28.462 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.web.util.matcher.OrRequestMatcher : No matches found 2020-12-07 03:22:28.463 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /error at position 1 of 11 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter' 2020-12-07 03:22:28.463 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /error at position 2 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter' 2020-12-07 03:22:28.463 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /error at position 3 of 11 in additional filter chain; firing Filter: 'HeaderWriterFilter' 2020-12-07 03:22:28.463 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /error at position 4 of 11 in additional filter chain; firing Filter: 'LogoutFilter' 2020-12-07 03:22:28.463 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', GET] 2020-12-07 03:22:28.463 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/error'; against '/logout' 2020-12-07 03:22:28.463 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', POST] 2020-12-07 03:22:28.463 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /error' doesn't match 'POST /logout' 2020-12-07 03:22:28.463 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', PUT] 2020-12-07 03:22:28.463 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /error' doesn't match 'PUT /logout' 2020-12-07 03:22:28.463 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.web.util.matcher.OrRequestMatcher : Trying to match using Ant [pattern='/logout', DELETE] 2020-12-07 03:22:28.463 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.u.matcher.AntPathRequestMatcher : Request 'GET /error' doesn't match 'DELETE /logout' 2020-12-07 03:22:28.463 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.web.util.matcher.OrRequestMatcher : No matches found 2020-12-07 03:22:28.463 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /error at position 5 of 11 in additional filter chain; firing Filter: 'OAuth2AuthenticationProcessingFilter' 2020-12-07 03:22:28.464 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.o.p.a.BearerTokenExtractor : Token not found in headers. Trying request parameters. 2020-12-07 03:22:28.464 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.o.p.a.BearerTokenExtractor : Token not found in request parameters. Not an OAuth2 request. 2020-12-07 03:22:28.464 DEBUG 1432 --- [nio-5555-exec-6] p.a.OAuth2AuthenticationProcessingFilter : No token in request, will continue chain. 2020-12-07 03:22:28.464 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /error at position 6 of 11 in additional filter chain; firing Filter: 'RequestCacheAwareFilter' 2020-12-07 03:22:28.464 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /error at position 7 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter' 2020-12-07 03:22:28.464 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /error at position 8 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter' 2020-12-07 03:22:28.464 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.a.AnonymousAuthenticationFilter : Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@cddf33a7: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS' 2020-12-07 03:22:28.464 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /error at position 9 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter' 2020-12-07 03:22:28.464 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /error at position 10 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter' 2020-12-07 03:22:28.464 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /error at position 11 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor' 2020-12-07 03:22:28.464 DEBUG 1432 --- [nio-5555-exec-6] o.s.security.web.FilterChainProxy : /error reached end of additional filter chain; proceeding with original chain 2020-12-07 03:22:28.467 DEBUG 1432 --- [nio-5555-exec-6] o.s.s.w.a.ExceptionTranslationFilter : Chain processed normally 2020-12-07 03:22:28.468 DEBUG 1432 --- [nio-5555-exec-6] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed

来源:https://stackoverflow.com/questions/65173600/spring-security-oauth-oauth-token-key-returns-404-error-not-found

标签
java
spring-boot
spring-security
oauth-2.0
spring-cloud
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!