| # 配置类添加注解@EnableOAuth2Sso |
| |
| # 注入 |
| @Bean |
| public OAuth2RestTemplate oAuth2RestTemplate(UserInfoRestTemplateFactory factory) { |
| return factory.getUserInfoRestTemplate(); |
| } |
| |
| # 控制层注入 |
| @Autowired |
| private OAuth2RestTemplate oAuth2RestTemplate; |
| |
| # 方式1 |
| @GetMapping("/member") |
| public String member() { |
| |
| |
| System.out.println("body: " + entity); |
| return "member"; |
| } |
- 测试:启动服务注册模块、网关、认证服务器、资源服务器、客户端1
| # 浏览器打开 |
| http: |
| |
| # 访问/member接口,报错如下 |
| Whitelabel Error Page |
| This application has no explicit mapping for /error, so you are seeing this as a fallback. |
| |
| Fri Jul 01 15:03:45 GMT+08:00 2022 |
| There was an unexpected error (type=Internal Server Error, status=500). |
| Insufficient scope for this resource |
| error="insufficient_scope", error_description="Insufficient scope for this resource", scope="all" |
| |
| # 错误原因:在资源服务器的配置类中指定了访问接口需要all的权限标识 |
| .antMatchers("/**").access("#oauth2.hasScope('all')") |
| |
| # 解决方案:在数据库中为客户端1添加all的权限标识 |

| # 控制台打印 |
| 15:06:23.029 INFO 11292 |
| body: MengxueguResult(code=200, message=OK, data=[眼镜, 格子衬衣, 双肩包]) |
| @GetMapping("/member") |
| public String member() { |
| |
| ResponseEntity<MengxueguResult> entity = oAuth2RestTemplate.getForEntity("http://localhost:7001/product/list", MengxueguResult.class); |
| System.out.println("body: " + entity); |
| return "member"; |
| } |
| |
| # 控制台报错如下 |
| org.springframework.security.oauth2.common.exceptions.InsufficientScopeException: Insufficient scope for this resource |
| at org.springframework.security.oauth2.common.exceptions.OAuth2ExceptionJackson2Deserializer.deserialize(OAuth2ExceptionJackson2Deserializer.java:112) |
| at org.springframework.security.oauth2.common.exceptions.OAuth2ExceptionJackson2Deserializer.deserialize(OAuth2ExceptionJackson2Deserializer.java:33) |
| at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4202) |
| at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3258) |
| |
| # 错误原因:在网关的ResourceServerConfig配置类中配置了,访问资源服务器需要有服务器id标识 |
| public static final String RESOURCE_ID = "product-server"; |
| public static final String AUTH_ID = "auth-server"; |
| |
| # 解决方案:在数据库中为客户端1添加服务器id标识 |

| # 控制台打印 |
| 5:18:19.801 INFO 5064 |
| body: <200,MengxueguResult(code=200, message=OK, data=[眼镜, 格子衬衣, 双肩包]),[Vary:"Origin", "Access-Control-Request-Method", "Access-Control-Request-Headers", Date:"Fri, 01 Jul 2022 07:18:34 GMT", Keep-Alive:"timeout=60", X-Content-Type-Options:"nosniff", X-XSS-Protection:"1; mode=block", Cache-Control:"no-cache, no-store, max-age=0, must-revalidate", Pragma:"no-cache", Expires:"0", X-Frame-Options:"DENY", Content-Type:"application/json", Transfer-Encoding:"chunked", Connection:"keep-alive"]> |
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· DeepSeek 开源周回顾「GitHub 热点速览」
· 物流快递公司核心技术能力-地址解析分单基础技术分享
· .NET 10首个预览版发布:重大改进与新特性概览!
· AI与.NET技术实操系列(二):开始使用ML.NET
· 单线程的Redis速度为什么快?