java 正在获取401以访问

wz1wpwve 于 2022-10-30 发布在 Java

关注(0)|答案(2)|浏览(165)

我从我的angularjs客户端应用程序点击一个端点登录时，我正在做一个我在浏览器控制台中得到以下错误
选项http://localhost:8080/oauth/token XMLHttpRequest无法加载http://localhost:8080/oauth/token。HTTP状态代码401无效
它是服务器端代码，用于接受来自客户端的CORS。

@Component
public class SimpleCORSFilter implements Filter {
	public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
		HttpServletResponse response = (HttpServletResponse) res;
		response.setHeader("Access-Control-Allow-Origin", "*");
		response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
		response.setHeader("Access-Control-Max-Age", "3600");
		response.setHeader("Access-Control-Allow-Headers", "x-requested-with");
		chain.doFilter(req, res);
	}
	public void init(FilterConfig filterConfig) {}
	public void destroy() {}
}

这是客户端代码，调用http://localhost:8080/oauth/token

angular.module('frontendApp')
  .factory('AuthServerProvider', function loginService($http, localStorageService, Base64, API_SERVER) {
    return {
      login: function (credentials) {
        var data = "username=" + credentials.username + "&password="
          + credentials.password + "&grant_type=password&scope=read%20write&" +
          "client_secret=123456&client_id=clientapp";
        return $http.post(API_SERVER + 'oauth/token', data, {
          headers: {
            "Content-Type": "application/x-www-form-urlencoded",
            "Accept": "application/json",
            "Access-Control-Allow-Origin": "*",
            "Authorization": "Basic " + Base64.encode("clientapp" + ':' + "123456")
          }
        }).success(function (response) {
          var expiredAt = new Date();
          expiredAt.setSeconds(expiredAt.getSeconds() + response.expires_in);
          response.expires_at = expiredAt.getTime();
          localStorageService.set('token', response);
          return response;
        });
      },
      logout: function () {
        // logout from the server
        $http.post('api/logout').then(function () {
          localStorageService.clearAll();
        });
      },
      getToken: function () {
        return localStorageService.get('token');
      },
      hasValidToken: function () {
        var token = this.getToken();
        return token && token.expires_at && token.expires_at > new Date().getTime();
      }
    };
  });

Java

来源：https://stackoverflow.com/questions/30963165/getting-401-to-access-http-localhost8080-oauth-token

2条答案

按热度按时间

vhmi4jdf1#

如果是OPTIONS请求，则不应进行进一步处理，即跳过对chain.doFilter(req, res)的调用，例如：

HttpServletRequest request = (HttpServletRequest) req;
    HttpServletResponse response = (HttpServletResponse) resp;
    response.addHeader("Access-Control-Allow-Origin", "*");
    if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
        response.setHeader("Access-Control-Allow-Methods", "POST,GET,DELETE");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Headers", "content-type,access-control-request-headers,access-control-request-method,accept,origin,authorization,x-requested-with");
        response.setStatus(HttpServletResponse.SC_OK);
    } else {
        chain.doFilter(req, resp);
    }

赞(0）回复(0）举报 2022-10-30

mi7gmzs62#

对于Oauth2，您将拥有此扩展AuthorizationServerConfigurerAdapter的配置类。

@Configuration
@EnableAuthorizationServer
public static class AuthServerConfiguration extends AuthorizationServerConfigurerAdapter {
    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) {
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        CorsConfiguration config = new CorsConfiguration();
        config.applyPermitDefaultValues();
       AuthorizationServerEndpointsConfigurer 
        source.registerCorsConfiguration("/oauth/token", config);
        CorsFilter filter = new CorsFilter(source);
        security.addTokenEndpointAuthenticationFilter(filter);
    }
}

这将为Oauth添加cors的配置

展开查看全部

赞(0）回复(0）举报 2022-10-30

我来回答

java 正在获取401以访问

2条答案

相关问题

热门标签

最新问答