我正在尝试为我的宠物项目实现“使用谷歌登录”授权。我决定先在一个小项目上练习，所以我创建了一个简单的REST应用程序，只有一个控制器。我设法完成了在谷歌控制台中创建项目的所有步骤，在那里创建了所有必要的密钥，并成功地将谷歌令牌放入 Postman 标题中。它看起来像这样ya29.A0AVA9y1v0OZNHTtELFgP-OGQdT_GY_V9mJ3FKXB2ZcOYjS7_AWx2nX1IzP8Sfnr9uxosNZNyNZK2h_q4zF1Qvhhu2bptv-tL-kSn3qVjHwfDdjqIydn3bKBkqVhIHKhmCE3PLrXuSuDJ2sML-66uFFwR28IpyaCgYKATASATASFQE65dr8xXC0Q6jWHExbZ0yL0utlKw0163
所以我开始实现spring Boot 应用程序，遇到了一些问题。我按照网络上的沿着教程配置了Spring Security ，将所有客户端id和所有这些东西放在www.example.com中application.properties，然后运行我的应用程序。惊喜，什么都不起作用。我开始挖掘，发现JwtAuthenticationProvider抱怨他“Failed to authenticate since the JWT was invalid“。经过一些谷歌搜索，我发现谷歌所谓的“访问令牌”不是一个实际的JWT令牌，但我不知道如何处理这些信息。我一定是错过了一些重要的东西，但我不知道是什么。
我的SpringSecurityConfig：

@Configuration
@EnableWebSecurity(debug = true)
@EnableGlobalMethodSecurity(prePostEnabled = true)
class SpringSecurityConfig {
    @Bean
    fun filterChain(http: HttpSecurity): SecurityFilterChain {
        http
            .authorizeRequests()
            .antMatchers("/**").fullyAuthenticated()
            .and()
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and()
            .oauth2ResourceServer().jwt()
            .and()
            .and()
            .cors().and().csrf().disable()
        return http.build()
    }
}

字符串
我的属性：

spring.security.oauth2.client.registration.google.client-id=<MY_CLIENT_ACTUAL_VALUE>
spring.security.oauth2.client.registration.google.client-secret=<MY_SECRET_ACTUAL_VALUE>
spring.security.oauth2.client.registration.google.scope=openid,profile,email
spring.security.oauth2.resourceserver.jwt.issuer-uri=https://accounts.google.com
spring.security.oauth2.resourceserver.jwt.jwk-set-uri=https://www.googleapis.com/oauth2/v3/certs

型
我的控制器：

@RestController
@RequestMapping("/api")
class TestController {
    @GetMapping(path = ["/alive"])
    private fun alive() = "OK"
}

型
在我尝试用token header连接postman后，我得到了这个：

************************************************************
Request received for GET '/api/alive':
org.apache.catalina.connector.RequestFacade@51219c91
servletPath:/api/alive
pathInfo:null
headers: 
authorization: Bearer ya29.A0AVA9y1v0OZNHTtELFgP-OGQdT_GY_V9mJ3FKXB2ZcOYjS7_AWx2nX1IzP8Sfnr9uxosNZNyNZK2h_q4zF1Qvhhu2bptv-tL-kSn3qVjHwfDdjqIydn3bKBkqVhIHKhmCE3PLrXuSuDJ2sML-66uFFwR28IpyaCgYKATASATASFQE65dr8xXC0Q6jWHExbZ0yL0utlKw0163
user-agent: PostmanRuntime/7.29.2
accept: */*
postman-token: b6dd2ef8-a4e5-46bf-8d62-141831146efb
host: localhost:8080
accept-encoding: gzip, deflate, br
connection: keep-alive
cookie: JSESSIONID=715201B0645DD1329566CD5AB8509BE6
Security filter chain: [
  DisableEncodeUrlFilter
  WebAsyncManagerIntegrationFilter
  SecurityContextPersistenceFilter
  HeaderWriterFilter
  CorsFilter
  LogoutFilter
  BearerTokenAuthenticationFilter
  RequestCacheAwareFilter
  SecurityContextHolderAwareRequestFilter
  AnonymousAuthenticationFilter
  SessionManagementFilter
  ExceptionTranslationFilter
  FilterSecurityInterceptor
]
************************************************************
2022-08-19 17:07:29,005 DEBUG [http-nio-8080-exec-1] org.springframework.security.web.FilterChainProxy: Securing GET /api/alive
2022-08-19 17:07:29,009 DEBUG [http-nio-8080-exec-1] org.springframework.security.web.context.SecurityContextPersistenceFilter: Set SecurityContextHolder to empty SecurityContext
2022-08-19 17:07:29,031 DEBUG [http-nio-8080-exec-1] org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationProvider: Failed to authenticate since the JWT was invalid
2022-08-19 17:07:29,033 DEBUG [http-nio-8080-exec-1] org.springframework.security.web.context.SecurityContextPersistenceFilter: Cleared SecurityContextHolder to complete request

型