AuthorizedClientServiceoAuth2AuthorizedClientManager: AccessToken не может быть нулевым

AuthorizedClientServiceoAuth2AuthorizedClientManager: AccessToken не может быть нулевым ⇐ JAVA

Ответить

1 сообщение • Страница 1 из 1

Anonymous

AuthorizedClientServiceoAuth2AuthorizedClientManager: AccessToken не может быть нулевым

Цитата

Сообщение Anonymous » 28 янв 2025, 23:03

Чтобы < /p>

Аутентификация с помощью стороннего API с использованием OAuth2 и < /li>
Используйте прокси для этого , < /li>
< /ul>
В микросервисе Web-App с обычной пружиной (Java 21) я использовал комбинацию < /p>

Custom Clienthttprequestinterceptor < /code>, < /li>
Некоторые пользовательские бобы конфигурации, < /li>
и пользовательский oauth2authorizedclientmanager < /code>,

И это сработало ОК ...
Но теперь, DefaultClientCredentialStokenResponseclient был устарел к весне, и я не могу получить его замену, RestClientCredentialStokenResponseclient работа.

Код: Выделить всё

@Component
@RequiredArgsConstructor
@Slf4j
public class ThirdpartyOAuthRequestInterceptor implements ClientHttpRequestInterceptor {

private final @Qualifier(THIRDPARTY_AUTH_CLIENT_MGR) AuthorizedClientServiceOAuth2AuthorizedClientManager thirdpartyAuthorizedClientManager;

@Override
public ClientHttpResponse intercept(HttpRequest request, byte[] body, ClientHttpRequestExecution execution) throws IOException {

OAuth2AuthorizeRequest authorizeRequest = OAuth2AuthorizeRequest
.withClientRegistrationId(
ThirdpartyConfiguration.THIRDPARTY_REGISTATION_ID)
.principal("OUR SERVICE").build();

OAuth2AuthorizedClient authorizedClient = thirdpartyAuthorizedClientManager.authorize(authorizeRequest);

OAuth2AccessToken accessToken = Objects.requireNonNull(authorizedClient).getAccessToken();
request.getHeaders().add(HttpHeaders.AUTHORIZATION, "Bearer "  + accessToken.getTokenValue());

return execution.execute(request, body);
}

}

И вот новая версия конфигурационных бобов, содержащих авторизованный ClientserviceoAuth2AuthorizedClientManager , который использует RestTemplate :

Код: Выделить всё

@Configuration
@RequiredArgsConstructor
@Slf4j
public class ThirdpartyConfiguration {

private final ThirdpartyConfigurationProperties properties;

public static final String THIRDPARTY_AUTH_CLIENT_MGR = "thirdpartyAuthorizedClientManager";
public static final String THIRDPARTY_REGISTATION_ID = "thirdparty";

@Bean
ClientRegistration thirdpartyClientRegistration(ThirdpartyConfigurationProperties config) {
return ClientRegistration
.withRegistrationId(THIRDPARTY_REGISTATION_ID)
.tokenUri(config.getTokenEndpoint().toString())
.clientId(config.getClientId())
.clientSecret(config.getClientSecret())
.authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
.build();
}

@Bean
public ClientRegistrationRepository clientRegistrationRepository(ClientRegistration thirdpartyClientRegistration) {
return new InMemoryClientRegistrationRepository(thirdpartyClientRegistration);
}

@Bean(THIRDPARTY_AUTH_CLIENT_MGR)
public AuthorizedClientServiceOAuth2AuthorizedClientManager thirdpartyAuthorizedClientManager(
final ClientRegistrationRepository clientRegistrationRepository,
final OAuth2AuthorizedClientService authorizedClientService) {

final var tokenResponseClient = new RestClientClientCredentialsTokenResponseClient();

RestClient restClient = RestClient.builder(buildRestTemplate(properties))
.baseUrl(String.valueOf(properties.getTokenEndpoint()))
.build();
tokenResponseClient.setRestClient(restClient);

final var authorizedClientProvider = new ClientCredentialsOAuth2AuthorizedClientProvider();
authorizedClientProvider.setAccessTokenResponseClient(tokenResponseClient);

final var authClientManager =
new AuthorizedClientServiceOAuth2AuthorizedClientManager(
clientRegistrationRepository, authorizedClientService);
authClientManager.setAuthorizedClientProvider(authorizedClientProvider);

return authClientManager;
}

private RestTemplate buildRestTemplate(ThirdpartyConfigurationProperties config) {

HttpHost proxy = new HttpHost(config.getProxyHostname(), config.getProxyPort());
var httpClient = HttpClientBuilder.create()
.setRoutePlanner(new DefaultProxyRoutePlanner(proxy))
.build();
var proxyRequestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);

var restTemplate = new RestTemplate();
restTemplate.setRequestFactory(new BufferingClientHttpRequestFactory(proxyRequestFactory));
var interceptors = restTemplate.getInterceptors();
interceptors.add(new LoggingInterceptor());
restTemplate.setInterceptors(interceptors);

return restTemplate;
}

public static class LoggingInterceptor implements ClientHttpRequestInterceptor {

@Override
public ClientHttpResponse intercept(
HttpRequest req, byte[] reqBody, ClientHttpRequestExecution ex) throws IOException {
LOG.info("Request body: {}", new String(reqBody, StandardCharsets.UTF_8));
ClientHttpResponse response = ex.execute(req, reqBody);
InputStreamReader isr = new InputStreamReader(
response.getBody(), StandardCharsets.UTF_8);
String body = new BufferedReader(isr).lines()
.collect(Collectors.joining("\n"));
LOG.info("Response body: {}", body);

return response;
}
}
}
< /code>
Сообщение об ошибке: < /p>
ERROR 1 --- [nio-8080-exec-1] o.a.c.c.C.[.[.[.[dispatcherServlet]      : Servlet.service() for servlet [dispatcherServlet] in context with path [/eed] threw exception [Request processing failed: java.lang.IllegalArgumentException: accessToken cannot be null] with root cause

java.lang.IllegalArgumentException:  accessToken cannot be null
at org.springframework.util.Assert.notNull(Assert.java:181) ~[spring-core-6.2.2.jar:6.2.2]
at org.springframework.security.oauth2.client.OAuth2AuthorizedClient.(OAuth2AuthorizedClient.java:78) ~[spring-security-oauth2-client-6.4.2.jar:6.4.2]
at org.springframework.security.oauth2.client.OAuth2AuthorizedClient.(OAuth2AuthorizedClient.java:64) ~[spring-security-oauth2-client-6.4.2.jar:6.4.2]
at org.springframework.security.oauth2.client.ClientCredentialsOAuth2AuthorizedClientProvider.authorize(ClientCredentialsOAuth2AuthorizedClientProvider.java:87) ~[spring-security-oauth2-client-6.4.2.jar:6.4.2]
at org.springframework.security.oauth2.client.AuthorizedClientServiceOAuth2AuthorizedClientManager.authorize(AuthorizedClientServiceOAuth2AuthorizedClientManager.java:144) ~[spring-security-oauth2-client-6.4.2.jar:6.4.2]
at this.is.ours.thirdparty.configuration.ThirdpartyOAuthRequestInterceptor.intercept(ThirdpartyOAuthRequestInterceptor.java:38) ~[classes/:1.0.576]
< /code>
Но журналы показывают, что ответ выглядит нормально: < /p>
Response body: {"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJLTWtORUZudjNYYWhLSEk5YmFvc29XYS1rQWmVzb3VyY2VfYWNjZXNzIjp7IndlcnQxNC1hcGkiOnsicm9sZXMiOlsiYWNjZXNzIiwidzE0LWFwaTp2MTpidWlsZGluZ19wcmVmaWxsOnJlcG9ydDplbmVyZ3lfcGVyZm9ybWFuY2VfY2VydGlmaWNhdGVfZHJhZnZmB5PA","expires_in":300,"refresh_expires_in":0,"token_type":"Bearer","not-before-policy":1662484858,"scope":""}

Что может пойти не так?

Подробнее здесь: https://stackoverflow.com/questions/793 ... ot-be-null

1738094591

Anonymous

 Чтобы < /p>
[list]
[*] Аутентификация с помощью стороннего API с использованием OAuth2 и < /li>
 Используйте прокси для этого , < /li>
< /ul>
В микросервисе Web-App с обычной пружиной (Java 21) я использовал комбинацию < /p>

 Custom Clienthttprequestinterceptor < /code>, < /li>
 Некоторые пользовательские бобы конфигурации, < /li>
 и пользовательский oauth2authorizedclientmanager < /code>,
[/list]
И это сработало ОК ...  
Но теперь, DefaultClientCredentialStokenResponseclient  был устарел к весне, и я не могу получить его замену, RestClientCredentialStokenResponseclient  работа.[code]@Component
@RequiredArgsConstructor
@Slf4j
public class ThirdpartyOAuthRequestInterceptor implements ClientHttpRequestInterceptor {

private final @Qualifier(THIRDPARTY_AUTH_CLIENT_MGR) AuthorizedClientServiceOAuth2AuthorizedClientManager thirdpartyAuthorizedClientManager;

@Override
public ClientHttpResponse intercept(HttpRequest request, byte[] body, ClientHttpRequestExecution execution) throws IOException {

OAuth2AuthorizeRequest authorizeRequest = OAuth2AuthorizeRequest
.withClientRegistrationId(
ThirdpartyConfiguration.THIRDPARTY_REGISTATION_ID)
.principal("OUR SERVICE").build();

OAuth2AuthorizedClient authorizedClient = thirdpartyAuthorizedClientManager.authorize(authorizeRequest);

OAuth2AccessToken accessToken = Objects.requireNonNull(authorizedClient).getAccessToken();
request.getHeaders().add(HttpHeaders.AUTHORIZATION, "Bearer "  + accessToken.getTokenValue());

return execution.execute(request, body);
}

}
[/code]
И вот новая версия конфигурационных бобов, содержащих авторизованный ClientserviceoAuth2AuthorizedClientManager , который использует RestTemplate : 
[code]@Configuration
@RequiredArgsConstructor
@Slf4j
public class ThirdpartyConfiguration {

private final ThirdpartyConfigurationProperties properties;

public static final String THIRDPARTY_AUTH_CLIENT_MGR = "thirdpartyAuthorizedClientManager";
public static final String THIRDPARTY_REGISTATION_ID = "thirdparty";

@Bean
ClientRegistration thirdpartyClientRegistration(ThirdpartyConfigurationProperties config) {
return ClientRegistration
.withRegistrationId(THIRDPARTY_REGISTATION_ID)
.tokenUri(config.getTokenEndpoint().toString())
.clientId(config.getClientId())
.clientSecret(config.getClientSecret())
.authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
.build();
}

@Bean
public ClientRegistrationRepository clientRegistrationRepository(ClientRegistration thirdpartyClientRegistration) {
return new InMemoryClientRegistrationRepository(thirdpartyClientRegistration);
}

@Bean(THIRDPARTY_AUTH_CLIENT_MGR)
public AuthorizedClientServiceOAuth2AuthorizedClientManager thirdpartyAuthorizedClientManager(
final ClientRegistrationRepository clientRegistrationRepository,
final OAuth2AuthorizedClientService authorizedClientService) {

final var tokenResponseClient = new RestClientClientCredentialsTokenResponseClient();

RestClient restClient = RestClient.builder(buildRestTemplate(properties))
.baseUrl(String.valueOf(properties.getTokenEndpoint()))
.build();
tokenResponseClient.setRestClient(restClient);

final var authorizedClientProvider = new ClientCredentialsOAuth2AuthorizedClientProvider();
authorizedClientProvider.setAccessTokenResponseClient(tokenResponseClient);

final var authClientManager =
new AuthorizedClientServiceOAuth2AuthorizedClientManager(
clientRegistrationRepository, authorizedClientService);
authClientManager.setAuthorizedClientProvider(authorizedClientProvider);

return authClientManager;
}

private RestTemplate buildRestTemplate(ThirdpartyConfigurationProperties config) {

HttpHost proxy = new HttpHost(config.getProxyHostname(), config.getProxyPort());
var httpClient = HttpClientBuilder.create()
.setRoutePlanner(new DefaultProxyRoutePlanner(proxy))
.build();
var proxyRequestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);

var restTemplate = new RestTemplate();
restTemplate.setRequestFactory(new BufferingClientHttpRequestFactory(proxyRequestFactory));
var interceptors = restTemplate.getInterceptors();
interceptors.add(new LoggingInterceptor());
restTemplate.setInterceptors(interceptors);

return restTemplate;
}

public static class LoggingInterceptor implements ClientHttpRequestInterceptor {

@Override
public ClientHttpResponse intercept(
HttpRequest req, byte[] reqBody, ClientHttpRequestExecution ex) throws IOException {
LOG.info("Request body: {}", new String(reqBody, StandardCharsets.UTF_8));
ClientHttpResponse response = ex.execute(req, reqBody);
InputStreamReader isr = new InputStreamReader(
response.getBody(), StandardCharsets.UTF_8);
String body = new BufferedReader(isr).lines()
.collect(Collectors.joining("\n"));
LOG.info("Response body: {}", body);

return response;
}
}
}
< /code>
Сообщение об ошибке: < /p>
ERROR 1 --- [nio-8080-exec-1] o.a.c.c.C.[.[.[.[dispatcherServlet]      : Servlet.service() for servlet [dispatcherServlet] in context with path [/eed] threw exception [Request processing failed: java.lang.IllegalArgumentException: accessToken cannot be null] with root cause

java.lang.IllegalArgumentException:  accessToken cannot be null
at org.springframework.util.Assert.notNull(Assert.java:181) ~[spring-core-6.2.2.jar:6.2.2]
at org.springframework.security.oauth2.client.OAuth2AuthorizedClient.(OAuth2AuthorizedClient.java:78) ~[spring-security-oauth2-client-6.4.2.jar:6.4.2]
at org.springframework.security.oauth2.client.OAuth2AuthorizedClient.(OAuth2AuthorizedClient.java:64) ~[spring-security-oauth2-client-6.4.2.jar:6.4.2]
at org.springframework.security.oauth2.client.ClientCredentialsOAuth2AuthorizedClientProvider.authorize(ClientCredentialsOAuth2AuthorizedClientProvider.java:87) ~[spring-security-oauth2-client-6.4.2.jar:6.4.2]
at org.springframework.security.oauth2.client.AuthorizedClientServiceOAuth2AuthorizedClientManager.authorize(AuthorizedClientServiceOAuth2AuthorizedClientManager.java:144) ~[spring-security-oauth2-client-6.4.2.jar:6.4.2]
at this.is.ours.thirdparty.configuration.ThirdpartyOAuthRequestInterceptor.intercept(ThirdpartyOAuthRequestInterceptor.java:38) ~[classes/:1.0.576]
< /code>
Но журналы показывают, что ответ выглядит нормально: < /p>
Response body: {"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJLTWtORUZudjNYYWhLSEk5YmFvc29XYS1rQWmVzb3VyY2VfYWNjZXNzIjp7IndlcnQxNC1hcGkiOnsicm9sZXMiOlsiYWNjZXNzIiwidzE0LWFwaTp2MTpidWlsZGluZ19wcmVmaWxsOnJlcG9ydDplbmVyZ3lfcGVyZm9ybWFuY2VfY2VydGlmaWNhdGVfZHJhZnZmB5PA","expires_in":300,"refresh_expires_in":0,"token_type":"Bearer","not-before-policy":1662484858,"scope":""}
[/code]
Что может пойти не так?  

Подробнее здесь: [url]https://stackoverflow.com/questions/79390936/authorizedclientserviceoauth2authorizedclientmanager-accesstoken-cannot-be-null[/url]