spring-cloud-gateway-demo

spring-cloud-gateway-demo copied to clipboard

Now, I want to replace UAA with spring security oauth2. But I have encountered some problems. I separately verified that oauth2 has the correct return format.But using the network management jump access will have the following error [invalid_id_token] Missing (required) ID Token in Token Response for Client Registration: gateway org.springframework.security.oauth2.core.OAuth2AuthenticationException: [invalid_id_token] Missing (required) ID Token in Token Response for Client Registration: gateway at org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeReactiveAuthenticationManager.authenticationResult(OidcAuthorizationCodeReactiveAuthenticationManager.java:165) ~[spring-security-oauth2-client-5.1.6.RELEASE.jar:5.1.6.RELEASE] at org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeReactiveAuthenticationManager.lambda$null$1(OidcAuthorizationCodeReactiveAuthenticationManager.java:140) ~[spring-security-oauth2-client-5.1.6.RELEASE.jar:5.1.6.RELEASE]

Thank you!

yeah, i have the save question

I'd recommend using the UAA or some similar product as your security implementation.

Your client must have scope openid and JWT token must contain id_token field (https://openid.net/specs/openid-connect-core-1_0.html#IDToken).

You can refer two sources:

1. https://github.com/making/oauth2-sso-demo
2. https://github.com/spring-projects-experimental/spring-authorization-server/tree/main/samples/boot/oauth2-integration