Мобильная версияКонфигурация моего сервера
Код: Выделить всё
package in.cdac.oauthserver;
import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jose.jwk.RSAKey;
import com.nimbusds.jose.jwk.source.ImmutableJWKSet;
import com.nimbusds.jose.jwk.source.JWKSource;
import com.nimbusds.jose.proc.SecurityContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.http.MediaType;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
import org.springframework.security.oauth2.core.oidc.OidcScopes;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration;
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationServerConfigurer;
import org.springframework.security.oauth2.server.authorization.settings.AuthorizationServerSettings;
import org.springframework.security.oauth2.server.authorization.settings.ClientSettings;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
import org.springframework.security.web.util.matcher.MediaTypeRequestMatcher;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.UUID;
@Configuration
@EnableWebSecurity
public class SecurityConfig {
@Bean
@Order(1)
public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http)
throws Exception {
OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http);
http.getConfigurer(OAuth2AuthorizationServerConfigurer.class)
.oidc(Customizer.withDefaults()); // Enable OpenID Connect 1.0
http
// Redirect to the login page when not authenticated from the
// authorization endpoint
.exceptionHandling((exceptions) -> exceptions
.defaultAuthenticationEntryPointFor(
new LoginUrlAuthenticationEntryPoint("/login"),
new MediaTypeRequestMatcher(MediaType.TEXT_HTML)
)
)
// Accept access tokens for User Info and/or Client Registration
.oauth2ResourceServer((resourceServer) -> resourceServer
.jwt(Customizer.withDefaults()));
return http.build();
}
@Bean
@Order(2)
public SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http)
throws Exception {
http
.authorizeHttpRequests((authorize) -> authorize
.anyRequest().authenticated()
)
// Form login handles the redirect to the login page from the
// authorization server filter chain
.formLogin(Customizer.withDefaults());
return http.build();
}
@Bean
public UserDetailsService userDetailsService() {
UserDetails userDetails = User.withDefaultPasswordEncoder()
.username("user")
.password("password")
.roles("USER")
.build();
return new InMemoryUserDetailsManager(userDetails);
}
@Bean
public RegisteredClientRepository registeredClientRepository() {
RegisteredClient oidcClient = RegisteredClient.withId(UUID.randomUUID().toString())
.clientId("my-client")
.clientSecret("my-secret")
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.authorizationGrantType(AuthorizationGrantType.REFRESH_TOKEN)
.redirectUri("http://localhost:8080/login/oauth2/code/my-client")
.postLogoutRedirectUri("http://localhost:8080")
.scope(OidcScopes.OPENID)
.scope(OidcScopes.PROFILE)
.clientSettings(ClientSettings.builder().requireAuthorizationConsent(true).build())
.build();
return new InMemoryRegisteredClientRepository(oidcClient);
}
@Bean
public JWKSource jwkSource() {
KeyPair keyPair = generateRsaKey();
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
RSAKey rsaKey = new RSAKey.Builder(publicKey)
.privateKey(privateKey)
.keyID(UUID.randomUUID().toString())
.build();
JWKSet jwkSet = new JWKSet(rsaKey);
return new ImmutableJWKSet(jwkSet);
}
private static KeyPair generateRsaKey() {
KeyPair keyPair;
try {
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(2048);
keyPair = keyPairGenerator.generateKeyPair();
} catch (Exception ex) {
throw new IllegalStateException(ex);
}
return keyPair;
}
@Bean
public JwtDecoder jwtDecoder(JWKSource jwkSource) {
return OAuth2AuthorizationServerConfiguration.jwtDecoder(jwkSource);
}
@Bean
public AuthorizationServerSettings authorizationServerSettings() {
return AuthorizationServerSettings.builder().build();
}
}
Код: Выделить всё
@Configuration
@EnableWebSecurity
public class SecurityConfig {
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http
.authorizeHttpRequests(authorizeRequests -> authorizeRequests
.requestMatchers("/", "/login**", "/webjars/**").permitAll()
.anyRequest().authenticated()
)
.oauth2Login(oauth2 -> oauth2
.loginPage("/oauth2/authorization/my-client")
.defaultSuccessUrl("/profile", true)
);
http.sessionManagement(sessionManagement -> sessionManagement
.sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED) // Create sessions as needed
.invalidSessionUrl("/session-invalid") // Redirect to this URL if the session is invalid
.maximumSessions(1) // Restrict to one session per user
.expiredUrl("/session-expired") // Redirect when session expires
);
return http.build();
}
}
Код: Выделить всё
# OAuth2 Client Configuration
spring.security.oauth2.client.registration.my-client.client-id=my-client
spring.security.oauth2.client.registration.my-client.client-secret=my-secret
spring.security.oauth2.client.registration.my-client.authorization-grant-type=authorization_code
spring.security.oauth2.client.registration.my-client.redirect-uri=http://localhost:8080/login/oauth2/code/my-client
spring.security.oauth2.client.registration.my-client.scope=openid,profile
# OAuth2 Provider Configuration (Authorization Server details)
spring.security.oauth2.client.provider.my-client.authorization-uri=http://localhost:8081/oauth2/authorize
spring.security.oauth2.client.provider.my-client.token-uri=http://localhost:8081/oauth2/token
spring.security.oauth2.client.provider.my-client.user-info-uri=http://localhost:8081/oauth2/userinfo
spring.security.oauth2.client.provider.my-client.user-name-attribute=sub
logging.level.org.springframework.security=DEBUG
Код: Выделить всё
2024-08-06T12:13:29.308+05:30 INFO 13711 --- [oauthserver] [nio-8081-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring DispatcherServlet 'dispatcherServlet'
2024-08-06T12:13:29.308+05:30 INFO 13711 --- [oauthserver] [nio-8081-exec-1] o.s.web.servlet.DispatcherServlet : Initializing Servlet 'dispatcherServlet'
2024-08-06T12:13:29.309+05:30 INFO 13711 --- [oauthserver] [nio-8081-exec-1] o.s.web.servlet.DispatcherServlet : Completed initialization in 1 ms
2024-08-06T12:13:29.322+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-1] o.s.security.web.FilterChainProxy : Securing GET /oauth2/authorize?response_type=code&client_id=my-client&scope=openid%20profile&state=SgC8G5h9-wkVggMGOICpWpVaBMJmo1Ow3UQIUFPr9jM%3D&redirect_uri=http://localhost:8080/login/oauth2/code/my-client&nonce=_63ixztbIPEetkkBNNy9yh2tIsczYuygsspsaqdPq6c
2024-08-06T12:13:29.336+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-1] o.s.s.w.a.AnonymousAuthenticationFilter : Set SecurityContextHolder to anonymous SecurityContext
2024-08-06T12:13:29.343+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-1] o.s.s.w.s.HttpSessionRequestCache : Saved request http://localhost:8081/oauth2/authorize?response_type=code&client_id=my-client&scope=openid%20profile&state=SgC8G5h9-wkVggMGOICpWpVaBMJmo1Ow3UQIUFPr9jM%3D&redirect_uri=http://localhost:8080/login/oauth2/code/my-client&nonce=_63ixztbIPEetkkBNNy9yh2tIsczYuygsspsaqdPq6c&continue to session
2024-08-06T12:13:29.346+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-1] s.w.a.DelegatingAuthenticationEntryPoint : Trying to match using MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.HeaderContentNegotiationStrategy@6ca5361a, matchingMediaTypes=[text/html], useEquals=false, ignoredMediaTypes=[]]
2024-08-06T12:13:29.346+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-1] s.w.a.DelegatingAuthenticationEntryPoint : Match found! Executing org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint@c5bd951
2024-08-06T12:13:29.347+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-1] o.s.s.web.DefaultRedirectStrategy : Redirecting to http://localhost:8081/login
2024-08-06T12:13:29.353+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-2] o.s.security.web.FilterChainProxy : Securing GET /login
2024-08-06T12:13:34.531+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-4] o.s.security.web.FilterChainProxy : Securing GET /oauth2/authorize?response_type=code&client_id=my-client&scope=openid%20profile&state=pBlbHJlO_BEYmWKGzynIf_KJfk6Has6hT2vO6sNpEp8%3D&redirect_uri=http://localhost:8080/login/oauth2/code/my-client&nonce=lBT4DVeKe7Uj3E38C55cby1GFjU30bGYlOQx46nH1hE
2024-08-06T12:13:34.532+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-4] o.s.s.w.a.AnonymousAuthenticationFilter : Set SecurityContextHolder to anonymous SecurityContext
2024-08-06T12:13:34.534+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-4] o.s.s.w.s.HttpSessionRequestCache : Saved request http://localhost:8081/oauth2/authorize?response_type=code&client_id=my-client&scope=openid%20profile&state=pBlbHJlO_BEYmWKGzynIf_KJfk6Has6hT2vO6sNpEp8%3D&redirect_uri=http://localhost:8080/login/oauth2/code/my-client&nonce=lBT4DVeKe7Uj3E38C55cby1GFjU30bGYlOQx46nH1hE&continue to session
2024-08-06T12:13:34.534+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-4] s.w.a.DelegatingAuthenticationEntryPoint : Trying to match using MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.HeaderContentNegotiationStrategy@6ca5361a, matchingMediaTypes=[text/html], useEquals=false, ignoredMediaTypes=[]]
2024-08-06T12:13:34.535+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-4] s.w.a.DelegatingAuthenticationEntryPoint : Match found! Executing org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint@c5bd951
2024-08-06T12:13:34.535+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-4] o.s.s.web.DefaultRedirectStrategy : Redirecting to http://localhost:8081/login
2024-08-06T12:13:34.541+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-5] o.s.security.web.FilterChainProxy : Securing GET /login
2024-08-06T12:13:46.880+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-6] o.s.security.web.FilterChainProxy : Securing POST /login
2024-08-06T12:13:47.075+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-6] o.s.s.a.dao.DaoAuthenticationProvider : Authenticated user
2024-08-06T12:13:47.077+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-6] .s.ChangeSessionIdAuthenticationStrategy : Changed session id from 8CC7EE7542AF26456E847E4DB638ED6A
2024-08-06T12:13:47.077+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-6] o.s.s.w.csrf.CsrfAuthenticationStrategy : Replaced CSRF Token
2024-08-06T12:13:47.078+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-6] w.c.HttpSessionSecurityContextRepository : Stored SecurityContextImpl [Authentication=UsernamePasswordAuthenticationToken [Principal=org.springframework.security.core.userdetails.User [Username=user, Password=[PROTECTED], Enabled=true, AccountNonExpired=true, CredentialsNonExpired=true, AccountNonLocked=true, Granted Authorities=[ROLE_USER]], Credentials=[PROTECTED], Authenticated=true, Details=WebAuthenticationDetails [RemoteIpAddress=0:0:0:0:0:0:0:1, SessionId=8CC7EE7542AF26456E847E4DB638ED6A], Granted Authorities=[ROLE_USER]]] to HttpSession [org.apache.catalina.session.StandardSessionFacade@7d82348f]
2024-08-06T12:13:47.078+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-6] w.a.UsernamePasswordAuthenticationFilter : Set SecurityContextHolder to UsernamePasswordAuthenticationToken [Principal=org.springframework.security.core.userdetails.User [Username=user, Password=[PROTECTED], Enabled=true, AccountNonExpired=true, CredentialsNonExpired=true, AccountNonLocked=true, Granted Authorities=[ROLE_USER]], Credentials=[PROTECTED], Authenticated=true, Details=WebAuthenticationDetails [RemoteIpAddress=0:0:0:0:0:0:0:1, SessionId=8CC7EE7542AF26456E847E4DB638ED6A], Granted Authorities=[ROLE_USER]]
2024-08-06T12:13:47.078+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-6] o.s.s.web.DefaultRedirectStrategy : Redirecting to http://localhost:8081/oauth2/authorize?response_type=code&client_id=my-client&scope=openid%20profile&state=pBlbHJlO_BEYmWKGzynIf_KJfk6Has6hT2vO6sNpEp8%3D&redirect_uri=http://localhost:8080/login/oauth2/code/my-client&nonce=lBT4DVeKe7Uj3E38C55cby1GFjU30bGYlOQx46nH1hE&continue
2024-08-06T12:13:47.084+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-7] o.s.security.web.FilterChainProxy : Securing GET /oauth2/authorize?response_type=code&client_id=my-client&scope=openid%20profile&state=pBlbHJlO_BEYmWKGzynIf_KJfk6Has6hT2vO6sNpEp8%3D&redirect_uri=http://localhost:8080/login/oauth2/code/my-client&nonce=lBT4DVeKe7Uj3E38C55cby1GFjU30bGYlOQx46nH1hE&continue
2024-08-06T12:13:47.086+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-7] w.c.HttpSessionSecurityContextRepository : Retrieved SecurityContextImpl [Authentication=UsernamePasswordAuthenticationToken [Principal=org.springframework.security.core.userdetails.User [Username=user, Password=[PROTECTED], Enabled=true, AccountNonExpired=true, CredentialsNonExpired=true, AccountNonLocked=true, Granted Authorities=[ROLE_USER]], Credentials=[PROTECTED], Authenticated=true, Details=WebAuthenticationDetails [RemoteIpAddress=0:0:0:0:0:0:0:1, SessionId=8CC7EE7542AF26456E847E4DB638ED6A], Granted Authorities=[ROLE_USER]]]
2024-08-06T12:13:54.004+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-8] o.s.security.web.FilterChainProxy : Securing POST /oauth2/authorize
2024-08-06T12:13:54.007+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-8] w.c.HttpSessionSecurityContextRepository : Retrieved SecurityContextImpl [Authentication=UsernamePasswordAuthenticationToken [Principal=org.springframework.security.core.userdetails.User [Username=user, Password=[PROTECTED], Enabled=true, AccountNonExpired=true, CredentialsNonExpired=true, AccountNonLocked=true, Granted Authorities=[ROLE_USER]], Credentials=[PROTECTED], Authenticated=true, Details=WebAuthenticationDetails [RemoteIpAddress=0:0:0:0:0:0:0:1, SessionId=8CC7EE7542AF26456E847E4DB638ED6A], Granted Authorities=[ROLE_USER]]]
2024-08-06T12:13:54.015+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-8] o.s.s.core.session.SessionRegistryImpl : Registering session 15A5C24EB2C54BE9F3ECAEA61B1DA7B9, for principal org.springframework.security.core.userdetails.User [Username=user, Password=[PROTECTED], Enabled=true, AccountNonExpired=true, CredentialsNonExpired=true, AccountNonLocked=true, Granted Authorities=[ROLE_USER]]
2024-08-06T12:13:54.018+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-8] o.s.s.web.DefaultRedirectStrategy : Redirecting to http://localhost:8080/login/oauth2/code/my-client?code=xKdlogFmUiT8VL63iLCIfksexGifKDGdmOjcCjXPWKGH5wBGQWW3p_xekh7o9EFiSBQnjyHysbBYuAVMITy9S17r7BMDu1IcXNabukwjF49IJ-_x0wd-qcw5TCKLRoT5&state=pBlbHJlO_BEYmWKGzynIf_KJfk6Has6hT2vO6sNpEp8%3D
2024-08-06T12:13:54.046+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-9] o.s.security.web.FilterChainProxy : Securing GET /oauth2/authorize?response_type=code&client_id=my-client&scope=openid%20profile&state=rIq9jV2lTwe7g1lbPFrzvgu-H16hgtdszZ6brHvCSQI%3D&redirect_uri=http://localhost:8080/login/oauth2/code/my-client&nonce=SCw43q9bO11YldYWIdUCDOwmGIizZcBufiCz8rZTOaM
2024-08-06T12:13:54.049+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-9] o.s.s.w.a.AnonymousAuthenticationFilter : Set SecurityContextHolder to anonymous SecurityContext
2024-08-06T12:13:54.053+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-9] o.s.s.w.s.HttpSessionRequestCache : Saved request http://localhost:8081/oauth2/authorize?response_type=code&client_id=my-client&scope=openid%20profile&state=rIq9jV2lTwe7g1lbPFrzvgu-H16hgtdszZ6brHvCSQI%3D&redirect_uri=http://localhost:8080/login/oauth2/code/my-client&nonce=SCw43q9bO11YldYWIdUCDOwmGIizZcBufiCz8rZTOaM&continue to session
2024-08-06T12:13:54.053+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-9] s.w.a.DelegatingAuthenticationEntryPoint : Trying to match using MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.HeaderContentNegotiationStrategy@6ca5361a, matchingMediaTypes=[text/html], useEquals=false, ignoredMediaTypes=[]]
2024-08-06T12:13:54.054+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-9] s.w.a.DelegatingAuthenticationEntryPoint : Match found! Executing org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint@c5bd951
2024-08-06T12:13:54.054+05:30 DEBUG 13711 --- [oauthserver] [nio-8081-exec-9] o.s.s.web.DefaultRedirectStrategy : Redirecting to http://localhost:8081/login
2024-08-06T12:13:54.060+05:30 DEBUG 13711 --- [oauthserver] [io-8081-exec-10] o.s.security.web.FilterChainProxy : Securing GET /login
Код: Выделить всё
2024-08-06T12:13:27.411+05:30 INFO 13789 --- [nio-8080-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring DispatcherServlet 'dispatcherServlet'
2024-08-06T12:13:27.412+05:30 INFO 13789 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet : Initializing Servlet 'dispatcherServlet'
2024-08-06T12:13:27.412+05:30 INFO 13789 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet : Completed initialization in 0 ms
2024-08-06T12:13:27.422+05:30 DEBUG 13789 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy : Securing GET /
2024-08-06T12:13:27.428+05:30 DEBUG 13789 --- [nio-8080-exec-1] o.s.s.w.a.AnonymousAuthenticationFilter : Set SecurityContextHolder to anonymous SecurityContext
2024-08-06T12:13:27.429+05:30 DEBUG 13789 --- [nio-8080-exec-1] o.s.security.web.FilterChainProxy : Secured GET /
2024-08-06T12:13:29.227+05:30 DEBUG 13789 --- [nio-8080-exec-2] o.s.security.web.FilterChainProxy : Securing GET /favicon.ico
2024-08-06T12:13:29.228+05:30 DEBUG 13789 --- [nio-8080-exec-2] o.s.s.w.a.AnonymousAuthenticationFilter : Set SecurityContextHolder to anonymous SecurityContext
2024-08-06T12:13:29.231+05:30 DEBUG 13789 --- [nio-8080-exec-2] o.s.s.web.DefaultRedirectStrategy : Redirecting to http://localhost:8080/oauth2/authorization/my-client
2024-08-06T12:13:29.235+05:30 DEBUG 13789 --- [nio-8080-exec-3] o.s.security.web.FilterChainProxy : Securing GET /oauth2/authorization/my-client
2024-08-06T12:13:29.254+05:30 DEBUG 13789 --- [nio-8080-exec-3] o.s.s.web.DefaultRedirectStrategy : Redirecting to http://localhost:8081/oauth2/authorize?response_type=code&client_id=my-client&scope=openid%20profile&state=SgC8G5h9-wkVggMGOICpWpVaBMJmo1Ow3UQIUFPr9jM%3D&redirect_uri=http://localhost:8080/login/oauth2/code/my-client&nonce=_63ixztbIPEetkkBNNy9yh2tIsczYuygsspsaqdPq6c
2024-08-06T12:13:34.522+05:30 DEBUG 13789 --- [nio-8080-exec-4] o.s.security.web.FilterChainProxy : Securing GET /oauth2/authorization/my-client
2024-08-06T12:13:34.525+05:30 DEBUG 13789 --- [nio-8080-exec-4] o.s.s.web.DefaultRedirectStrategy : Redirecting to http://localhost:8081/oauth2/authorize?response_type=code&client_id=my-client&scope=openid%20profile&state=pBlbHJlO_BEYmWKGzynIf_KJfk6Has6hT2vO6sNpEp8%3D&redirect_uri=http://localhost:8080/login/oauth2/code/my-client&nonce=lBT4DVeKe7Uj3E38C55cby1GFjU30bGYlOQx46nH1hE
2024-08-06T12:13:54.026+05:30 DEBUG 13789 --- [nio-8080-exec-5] o.s.security.web.FilterChainProxy : Securing GET /login/oauth2/code/my-client?code=xKdlogFmUiT8VL63iLCIfksexGifKDGdmOjcCjXPWKGH5wBGQWW3p_xekh7o9EFiSBQnjyHysbBYuAVMITy9S17r7BMDu1IcXNabukwjF49IJ-_x0wd-qcw5TCKLRoT5&state=pBlbHJlO_BEYmWKGzynIf_KJfk6Has6hT2vO6sNpEp8%3D
2024-08-06T12:13:54.031+05:30 DEBUG 13789 --- [nio-8080-exec-5] o.s.s.web.DefaultRedirectStrategy : Redirecting to /oauth2/authorization/my-client?error
2024-08-06T12:13:54.039+05:30 DEBUG 13789 --- [nio-8080-exec-6] o.s.security.web.FilterChainProxy : Securing GET /oauth2/authorization/my-client?error
2024-08-06T12:13:54.040+05:30 DEBUG 13789 --- [nio-8080-exec-6] o.s.s.web.DefaultRedirectStrategy : Redirecting to http://localhost:8081/oauth2/authorize?response_type=code&client_id=my-client&scope=openid%20profile&state=rIq9jV2lTwe7g1lbPFrzvgu-H16hgtdszZ6brHvCSQI%3D&redirect_uri=http://localhost:8080/login/oauth2/code/my-client&nonce=SCw43q9bO11YldYWIdUCDOwmGIizZcBufiCz8rZTOaM
Кроме того, форма согласия отображается только тогда, когда я перезапускаю сервер, после этого даже в новом окне инконгито он просто продолжает перенаправляться на страницу входа.
Я думаю, проблема в URL-адресах перенаправления, но не смог найти любой, пожалуйста, помогите найти проблему
Подробнее здесь: https://stackoverflow.com/questions/788 ... -to-client
