Spring Security 为什么我的请求从Angular到KotlinSping Boot Backend失败(但在Postman中可以正常工作)?

1mrurvl1  于 2023-01-26  发布在  Spring
关注(0)|答案(1)|浏览(178)

我从安格拉尔打来的电话:

const data = {test: "test"}

        const httpOptions = {
          headers: new HttpHeaders({ 'Content-Type': 'application/json,, 'Authorization': 'Bearer ' + localStorage.getItem(environment.STORAGE_KEYS.TOKEN) }')
        };

        this.http.post("http://localhost:1234/test", data, httpOptions)
  .subscribe(
    response => {
      console.log("sucesss");
      console.log(response);
    },
    error => {
      console.log("error");
      console.error(error);
    }
  );

在我的春靴应用中:控制器:

@RestController
class TestController {

    @RequestMapping(
        method = [RequestMethod.POST],
        value = ["/test"],
        produces = ["application/json"],
        consumes = ["application/json"]
    )
    fun test(){
        println("test")
    }
}

安全配置:

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
class SecurityConfig(private val issuersOAuth2Properties: IssuersOAuth2Properties) {

    @Bean
    @Throws(Exception::class)
    fun filterChain(http: HttpSecurity): SecurityFilterChain? {
        http.authorizeRequests().requestMatchers(CorsUtils::isPreFlightRequest).permitAll().and().authorizeRequests()
        .antMatchers("/**").authenticated().and().oauth2ResourceServer{oauth2 ->
            oauth2.authenticationManagerResolver(jwtIssuerAuthManager())
        }.authorizeRequests()
        return http.build()
    }

    @Bean
    fun jwtIssuerAuthManager(): AuthenticationManagerResolver<HttpServletRequest?>?{
        return JwtIssuerAuthenticationManagerResolver(IssuerManager(issuersOAuth2Properties.issuers))
    }
}

相关配置:

@EnableWebMvc
@Configuration
class CorsConfig: WebMvcConfigurer {
    override fun addCorsMappings(registry: CorsRegistry) {
        logger().info("this is cors here")
        registry.addMapping("/**").allowedOrigins("*").allowedMethods("*").allowedHeaders("*")
    }
}

如果我没有一个令牌,它会给401。这就是为什么我假设我的令牌工作。
从Chrome开发控制台复制的网络请求:

curl 'http://localhost:1234/test' \
  -H 'Accept: application/json, text/plain, */*' \
  -H 'Referer: http://localhost:8100/' \
  -H 'Authorization: Bearer eyJhbGciO.....Q3Oz_xw' \
  -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36' \
  -H 'Content-Type: application/json' \
  --data-raw '{"test":"test"}' \
  --compressed

堆栈跟踪:

scheduleTask @ http://localhost:8100/polyfills.js:11755
_ZoneDelegate.scheduleTask @ http://localhost:8100/polyfills.js:8281
onScheduleTask @ http://localhost:8100/polyfills.js:8174
_ZoneDelegate.scheduleTask @ http://localhost:8100/polyfills.js:8276
Zone.scheduleTask @ http://localhost:8100/polyfills.js:8091
Zone.scheduleMacroTask @ http://localhost:8100/polyfills.js:8120
scheduleMacroTaskWithCurrentZone @ http://localhost:8100/polyfills.js:8685
(anonymous) @ http://localhost:8100/polyfills.js:11800
proto.<computed> @ http://localhost:8100/polyfills.js:9042
(anonymous) @ http://localhost:8100/vendor.js:44103
_trySubscribe @ http://localhost:8100/vendor.js:26437
subscribe @ http://localhost:8100/vendor.js:26419
innerSubscribe @ http://localhost:8100/vendor.js:27435
_innerSub @ http://localhost:8100/vendor.js:28800
_tryNext @ http://localhost:8100/vendor.js:28793
_next @ http://localhost:8100/vendor.js:28774
next @ http://localhost:8100/vendor.js:26906
(anonymous) @ http://localhost:8100/vendor.js:30308
_trySubscribe @ http://localhost:8100/vendor.js:26437
subscribe @ http://localhost:8100/vendor.js:26419
call @ http://localhost:8100/vendor.js:28757
subscribe @ http://localhost:8100/vendor.js:26417
call @ http://localhost:8100/vendor.js:28466
subscribe @ http://localhost:8100/vendor.js:26417
call @ http://localhost:8100/vendor.js:28628
subscribe @ http://localhost:8100/vendor.js:26417
(anonymous) @ http://localhost:8100/src_app_business-owner_business_add-business_add-business_module_ts.js:158
asyncGeneratorStep @ http://localhost:8100/vendor.js:129742
_next @ http://localhost:8100/vendor.js:129764
(anonymous) @ http://localhost:8100/vendor.js:129771
ZoneAwarePromise @ http://localhost:8100/polyfills.js:9436
(anonymous) @ http://localhost:8100/vendor.js:129760
addBusiness @ http://localhost:8100/src_app_business-owner_business_add-business_add-business_module_ts.js:211
AddBusinessPage_form_6_Template_ion_button_click_29_listener @ ng:///AddBusinessPage.js:96
executeListenerWithErrorHandling @ http://localhost:8100/vendor.js:91120
wrapListenerIn_markDirtyAndPreventDefault @ http://localhost:8100/vendor.js:91158
(anonymous) @ http://localhost:8100/vendor.js:118042
_ZoneDelegate.invokeTask @ http://localhost:8100/polyfills.js:8293
onInvokeTask @ http://localhost:8100/vendor.js:103217
_ZoneDelegate.invokeTask @ http://localhost:8100/polyfills.js:8293
Zone.runTask @ http://localhost:8100/polyfills.js:8043
ZoneTask.invokeTask @ http://localhost:8100/polyfills.js:8388
invokeTask @ http://localhost:8100/polyfills.js:9906
globalCallback @ http://localhost:8100/polyfills.js:9943
globalZoneAwareCallback @ http://localhost:8100/polyfills.js:9982

回应:空
它在开发控制台中的外观Written是:已取消,xhr为

类型
我在控制台中没有看到任何cors错误。

spring-security

1条答案

按热度按时间
x7yiwoj4

x7yiwoj41#

如果页面在请求完成之前就被重新加载了,就会发生这种情况。我在html =〉default is submit中的按钮类型中有一个打字错误。这意味着页面被重新加载了,请求无法完成。

赞(0)分享  回复(0)举报  2023-01-26
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com