# 配置类添加注解@EnableOAuth2Sso
# 注入
/**
 * Registers the SSO user-info {@link OAuth2RestTemplate} as a bean so that other
 * components (e.g. controllers) can inject it.
 *
 * <p>An {@code OAuth2RestTemplate} attaches the current OAuth2 access token to the
 * requests it sends, so it should only be pointed at resource servers that are meant
 * to receive that token.
 *
 * @param factory factory that supplies the user-info rest template
 * @return the template obtained from {@code factory.getUserInfoRestTemplate()}
 */
@Bean
public OAuth2RestTemplate oAuth2RestTemplate(UserInfoRestTemplateFactory factory) {
    final OAuth2RestTemplate userInfoTemplate = factory.getUserInfoRestTemplate();
    return userInfoTemplate;
}
# 控制层注入
// OAuth2-aware RestTemplate injected by Spring; the controller methods in these notes
// use it to call the resource server directly or through the gateway.
@Autowired
private OAuth2RestTemplate oAuth2RestTemplate;
# 方式1
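/**
 * Handles {@code GET /member} using approach 1: the resource server is called directly
 * (not through the gateway) with the OAuth2-aware rest template.
 *
 * <p>An OAuth2 error returned by the resource server (for example
 * {@code insufficient_scope}) is not caught here; per the notes on this page it
 * surfaces to the browser as an HTTP 500 error page.
 *
 * @return the string {@code "member"} (presumably a view name; confirm against the controller type)
 */
@GetMapping("/member")
public String member() {
    // Approach 1: call the resource server directly.
    // This declaration was commented out in the original snippet, which left `entity`
    // undefined on the next line; it is restored so the method compiles.
    // The access token travels with this request, and the URL is plain HTTP on localhost:
    // acceptable for a local demo, but use HTTPS for any non-local deployment.
    MengxueguResult entity = oAuth2RestTemplate.getForObject("http://localhost:8080/product/list", MengxueguResult.class);
    // Demo output only: this prints the full response payload to stdout.
    System.out.println("body: " + entity);
    return "member";
}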
- 测试:启动服务注册模块、网关、认证服务器、资源服务器、客户端1
# 浏览器打开
http://localhost:9001/
# 访问/member接口,报错如下
Whitelabel Error Page
This application has no explicit mapping for /error, so you are seeing this as a fallback.
Fri Jul 01 15:03:45 GMT+08:00 2022
There was an unexpected error (type=Internal Server Error, status=500).
Insufficient scope for this resource
error="insufficient_scope", error_description="Insufficient scope for this resource", scope="all"
# 错误原因:资源服务器的配置类要求访问令牌必须包含 all 这个 scope(授权范围),而客户端1的令牌中没有该 scope
.antMatchers("/**").access("#oauth2.hasScope('all')")
# 解决方案:在数据库中为客户端1添加 all 这个 scope(注意:这里 all 对 /** 下的所有接口生效,范围很宽;生产环境建议按接口划分更细的 scope,只授予客户端实际需要的范围)
# 控制台打印
15:06:23.029 INFO 11292 --- [)-192.168.137.1] o.s.web.servlet.DispatcherServlet : Completed initialization in 3 ms
body: MengxueguResult(code=200, message=OK, data=[眼镜, 格子衬衣, 双肩包])
/**
 * Handles {@code GET /member} using approach 2: the product list is requested through
 * the gateway with the OAuth2-aware rest template.
 *
 * @return the string {@code "member"} (presumably a view name; confirm against the controller type)
 */
@GetMapping("/member")
public String member() {
    // Approach 2: go through the gateway instead of calling the resource server directly.
    final String gatewayUrl = "http://localhost:7001/product/list";
    final ResponseEntity<MengxueguResult> response =
            oAuth2RestTemplate.getForEntity(gatewayUrl, MengxueguResult.class);
    // Printing a ResponseEntity dumps the status, the body and every response header
    // (see the console output in these notes); keep this to local debugging.
    System.out.println("body: " + response);
    return "member";
}
# 控制台报错如下
org.springframework.security.oauth2.common.exceptions.InsufficientScopeException: Insufficient scope for this resource
at org.springframework.security.oauth2.common.exceptions.OAuth2ExceptionJackson2Deserializer.deserialize(OAuth2ExceptionJackson2Deserializer.java:112)
at org.springframework.security.oauth2.common.exceptions.OAuth2ExceptionJackson2Deserializer.deserialize(OAuth2ExceptionJackson2Deserializer.java:33)
at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4202)
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3258)
# 错误原因:网关的ResourceServerConfig配置类中配置了资源id(resource id),客户端的令牌必须包含对应的资源id才能访问资源服务器
// Resource ids declared in the gateway's ResourceServerConfig (per the surrounding notes).
// NOTE(review): presumably a client's token must list the matching id among its
// resource ids before the gateway lets the request through; confirm against the config class.
public static final String RESOURCE_ID = "product-server";
public static final String AUTH_ID = "auth-server";
# 解决方案:在数据库中为客户端1添加网关要求的资源id(resource id),只添加该客户端确实需要访问的资源
# 控制台打印
5:18:19.801 INFO 5064 --- [)-192.168.137.1] o.s.web.servlet.DispatcherServlet : Completed initialization in 3 ms
body: <200,MengxueguResult(code=200, message=OK, data=[眼镜, 格子衬衣, 双肩包]),[Vary:"Origin", "Access-Control-Request-Method", "Access-Control-Request-Headers", Date:"Fri, 01 Jul 2022 07:18:34 GMT", Keep-Alive:"timeout=60", X-Content-Type-Options:"nosniff", X-XSS-Protection:"1; mode=block", Cache-Control:"no-cache, no-store, max-age=0, must-revalidate", Pragma:"no-cache", Expires:"0", X-Frame-Options:"DENY", Content-Type:"application/json", Transfer-Encoding:"chunked", Connection:"keep-alive"]>