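I have a project developed with Spring Boot and Angular. The boilerplate was created with JHipster. I have run into a problem with the B2C logout flow. When I perform an HTTP POST to the path "/logout/", I see three results in the network:
First, the XHR gives me the following result: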
Request URL: http://localhost:4200/logout
Request Method: POST
Status Code: 302 Found
After that I see two other calls:
Request URL: https://myproject.b2clogin.com/myproject.onmicrosoft.com/oauth2/v2.0/logout?post_logout_redirect_uri=https%3A%2F%2Flocalhost%3A4200%2F&p=B2C_1_SignUpSignIn
Request Method: OPTIONS
Status Code: 200 OK
I manage the HTTP call this way:

    logout(): any {
      // Unused: responseType is a request option, not an HTTP header.
      const headers: HttpHeaders = new HttpHeaders({ responseType: 'json' });
      // Ask HttpClient for the body as text (the cast satisfies the typings).
      const options = { responseType: 'text' as 'json' };
      const response = this.http
        .post(environment.SERVER_API_URL + 'logout', {}, options)
        .toPromise()
        .then(res => {
          console.log(res);
        })
        .catch(error => {
          console.log(error);
        });
    }

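Afterwards, without any redirect to the B2C sign-in/sign-out page, I am still on the Angular home page, but I have been logged out (if I try to perform any operation, all services return an HTTP 401 response).
In the success callback I see the following result: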
<!DOCTYPE html>
<!-- Build: 1.0.1985.1 -->
<!-- StateVersion: 2.1.1 -->
<!-- DeploymentMode: Production -->
<!-- CorrelationId: 9d286946-3336-48c2-967e-57df9334740c -->
<!-- DataCenter: DB2 -->
<!-- Slice: 001-000 -->
<html lang="en-US"><head><link rel="icon" href="data:;base64,iVBORw0KGgo="><script data-script="jQuery" src="https://myproject.b2clogin.com/static/library/jquery-3.4.1.min.js?slice=001-000&dc=DB2" nonce="OdDTz0mcnQg5RO+7bcpZ0g=="></script><title>Loading...</title><style>.no_display{display:none}.error_container h1{color:#333;font-size:1.2em;font-family:'Segoe UI Light',Segoe,'Segoe UI',SegoeUI-Light-final,Tahoma,Helvetica,Arial,sans-serif;font-weight:lighter}.error_container p{color:#333;font-size:.8em;font-family:'Segoe UI',Segoe,SegoeUI-Regular-final,Tahoma,Helvetica,Arial,sans-serif;margin:14px 0}</style></head><body><script id="LogoutProcessor" data-script="LogoutProcessor" nonce="OdDTz0mcnQg5RO+7bcpZ0g==">"use strict";(function(n){function t(n){return n==="GET"}function i(){return document.body||document.getElementsByTagName("body")[0]}function r(n,t){var i=document.createElement("form"),r;return i.id=i.action=n,i.method="post",i.target=n,t.forEach(function(n){var t=document.createElement("input");t.type="hidden";t.id=t.name=n.id;t.value=n.value;i.appendChild(t)}),r=document.createElement("script"),r.text="document.getElementById('"+n+"').submit();",i.appendChild(r),i}n.when().then(function(){var n={action:"https%3a%2f%2flocalhost%3a4200%2f",method:"GET",fields:null},u;if(t(n.method)){window.location.replace(decodeURIComponent(n.action));return}u=r(n.action,n.fields);u.target="_self";i().appendChild(u)})})(jQuery)</script></body></html>
This is my backend log when I call the logout service:
4.024 DEBUG 184810 --- [ XNIO-1 task-8] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/logout'; against '/logout'
2021-03-27 10:21:54.024 DEBUG 184810 --- [ XNIO-1 task-8] o.s.s.w.a.logout.LogoutFilter : Logging out user 'org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken@12ac0: Principal: org.springframework.security.oauth2.jwt.Jwt@fa7c3e53; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffed504: RemoteIpAddress: 127.0.0.1; SessionId: r-B6IHALJ3y3qNzKSrdkUCjMB_ISchY817mSU5yS; Not granted any authorities' and transferring to logout destination
2021-03-27 10:21:54.024 DEBUG 184810 --- [ XNIO-1 task-8] o.s.s.w.a.l.SecurityContextLogoutHandler : Invalidating session: r-B6IHALJ3y3qNzKSrdkUCjMB_ISchY817mSU5yS
2021-03-27 10:21:54.024 DEBUG 184810 --- [ XNIO-1 task-8] c.a.s.a.b2c.AADB2CLogoutSuccessHandler : Using default Url: https://myproject.b2clogin.com/myproject.onmicrosoft.com/oauth2/v2.0/logout?post_logout_redirect_uri=https%3A%2F%2Flocalhost%3A4200%2F&p=B2C_1_SignUpSignIn
2021-03-27 10:21:54.025 DEBUG 184810 --- [ XNIO-1 task-8] o.s.s.web.DefaultRedirectStrategy : Redirecting to 'https://myproject.b2clogin.com/myproject.onmicrosoft.com/oauth2/v2.0/logout?post_logout_redirect_uri=https%3A%2F%2Flocalhost%3A4200%2F&p=B2C_1_SignUpSignIn'
2021-03-27 10:21:54.025 DEBUG 184810 --- [ XNIO-1 task-8] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@3bea4ead
2021-03-27 10:21:54.025 DEBUG 184810 --- [ XNIO-1 task-8] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2021-03-27 10:21:54.025 DEBUG 184810 --- [ XNIO-1 task-8] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
2021-03-27 10:22:43.891 DEBUG 184810 --- [ parallel-2] c.a.m.s.i.ServiceBusReactorReceiver : linkName[local-storage_b7e665_1616779847762]: Cleaning timed out update work tasks.
2021-03-27 10:22:43.914 DEBUG 184810 --- [ parallel-7] c.a.m.s.i.ServiceBusReactorReceiver : linkName[local-storage_c12df5_1616779857764]: Cleaning timed out update work tasks.
2021-03-27 10:22:43.919 DEBUG 184810 --- [ parallel-8] c.a.m.s.i.ServiceBusReactorReceiver : linkName[local-storage_bf2bf4_1616779867765]: Cleaning timed out update work tasks.
2021-03-27 10:22:43.921 DEBUG 184810 --- [ parallel-1] c.a.m.s.i.ServiceBusReactorReceiver : linkName[local-storage_9a33f4_1616779877767]: Cleaning timed out update work tasks.
2021-03-27 10:22:43.923 DEBUG 184810 --- [ parallel-2] c.a.m.s.i.ServiceBusReactorReceiver : linkName[local-storage_d4ea8e_1616779887769]: Cleaning timed out update work tasks.
I cannot find any documentation that offers a solution for handling this problem. Any suggestions? Thank you all!
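
An added example, not part of the original question and not code from JHipster or the Azure B2C starter: the XHR follows the backend's 302 in the background and receives the B2C logout page as text, so that page's script never runs and the browser stays on the Angular app. The code below validates the URL the XHR ended on and only then performs a top-level navigation to it; `logoutNavigationTarget` and its parameters are hypothetical names.

```javascript
// Added example; function and parameter names are hypothetical.
// Decide where the browser itself should navigate after POST /logout.
// finalUrl: the URL the XHR ended on after following the 302
//           (HttpResponse.url in Angular, XMLHttpRequest.responseURL).
function logoutNavigationTarget(finalUrl, idpHost, appOrigin) {
  let url;
  try {
    url = new URL(finalUrl);
  } catch (e) {
    return { ok: false, reason: 'unparseable URL' };
  }
  // Only hand the top-level window to the expected identity provider over TLS.
  if (url.protocol !== 'https:' || url.host !== idpHost) {
    return { ok: false, reason: 'unexpected logout host' };
  }
  if (!url.pathname.endsWith('/oauth2/v2.0/logout')) {
    return { ok: false, reason: 'not a logout endpoint' };
  }
  // The IdP sends the user back here afterwards; it must be this app.
  const back = url.searchParams.get('post_logout_redirect_uri');
  let backOrigin = null;
  try {
    backOrigin = new URL(back).origin;
  } catch (e) { /* missing or malformed, rejected below */ }
  if (backOrigin !== appOrigin) {
    return { ok: false, reason: 'post_logout_redirect_uri is not this app' };
  }
  return { ok: true, target: url.href };
}

// URL copied from the question's network trace and backend log.
const SAMPLE =
  'https://myproject.b2clogin.com/myproject.onmicrosoft.com/oauth2/v2.0/logout' +
  '?post_logout_redirect_uri=https%3A%2F%2Flocalhost%3A4200%2F&p=B2C_1_SignUpSignIn';

const result = logoutNavigationTarget(
  SAMPLE, 'myproject.b2clogin.com', 'https://localhost:4200');
if (result.ok && typeof window !== 'undefined') {
  // A real navigation, so the B2C page loads in the window and its script runs.
  window.location.assign(result.target);
}
```

With the app origin given as `http://localhost:4200` (the scheme shown for the first request in the trace), the same URL is rejected because its `post_logout_redirect_uri` uses `https`.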