Running JHipster microservices with Amazon Cognito
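I set up a JHipster-generated gateway with Amazon Cognito by following this guide: https://blog.ippon.tech/aws-cognito-and-jhipster-for-the-love-of-oauth-2-0/
My gateway works fine and I can log in to the admin module using Cognito, but I cannot call any microservice. Every attempt fails with the following error: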

    java.lang.NullPointerException: null
        at com.test.security.oauth2.AudienceValidator.validate(AudienceValidator.java:26)
        at com.test.security.oauth2.AudienceValidator.validate(AudienceValidator.java:13)
        at org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator.validate(DelegatingOAuth2TokenValidator.java:67)
        at org.springframework.security.oauth2.jwt.NimbusJwtDecoder.validateJwt(NimbusJwtDecoder.java:165)
        at org.springframework.security.oauth2.jwt.NimbusJwtDecoder.decode(NimbusJwtDecoder.java:126)
        at org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationProvider.authenticate(

Debugging shows that the audience variable is null in the following code:

    public OAuth2TokenValidatorResult validate(Jwt jwt) {
        List<String> audience = jwt.getAudience();
        if (audience.stream().anyMatch(allowedAudience::contains)) {
            return OAuth2TokenValidatorResult.success();
        } else {
            log.warn("Invalid audience: {}", audience);
            return OAuth2TokenValidatorResult.failure(error);
        }
    }

I have configured the microservice's application.xml as follows:

    security:
      oauth2:
        client:
          provider:
            oidc:
              issuer-uri: https://cognito-idp.us-east-1.amazonaws.com/[secret]
          registration:
            oidc:
              client-id: [secret]
              client-secret: [secret]

Has anyone been able to successfully run a JHipster-generated microservice platform with Amazon Cognito? Any help would be greatly appreciated.
AWS Cognito does not include the audience in the access token, so the validate method must be updated.
More details can be found here: https://github.com/Falydoor/cognito-jhipster/issues/1#issuecomment-594753033
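
One way to update validate as the answer describes, added here as an example (it is not the poster's code or the fix from the linked issue): rather than skipping the check when aud is absent, fall back to the client_id claim that Cognito places in access tokens and fail closed otherwise. The class name, package and fields follow the stack trace and snippet above; the constructor and the idea that allowedAudience holds the Cognito app client ID are assumptions.

```java
package com.test.security.oauth2;

import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.security.oauth2.core.OAuth2TokenValidator;
import org.springframework.security.oauth2.core.OAuth2TokenValidatorResult;
import org.springframework.security.oauth2.jwt.Jwt;

public class AudienceValidator implements OAuth2TokenValidator<Jwt> {

    private final Logger log = LoggerFactory.getLogger(AudienceValidator.class);
    private final OAuth2Error error =
        new OAuth2Error("invalid_token", "The required audience is missing", null);
    // Assumption: for Cognito this list holds the user pool app client ID(s).
    private final List<String> allowedAudience;

    public AudienceValidator(List<String> allowedAudience) {
        this.allowedAudience = allowedAudience;
    }

    @Override
    public OAuth2TokenValidatorResult validate(Jwt jwt) {
        // getAudience() returns null when the token has no "aud" claim,
        // which is what caused the NullPointerException in the question.
        List<String> audience = jwt.getAudience();
        if (audience != null && !audience.isEmpty()) {
            if (audience.stream().anyMatch(allowedAudience::contains)) {
                return OAuth2TokenValidatorResult.success();
            }
            log.warn("Invalid audience: {}", audience);
            return OAuth2TokenValidatorResult.failure(error);
        }
        // Cognito access tokens carry no "aud"; they name the app client in
        // "client_id" and are marked with token_use=access.
        String tokenUse = jwt.getClaimAsString("token_use");
        String clientId = jwt.getClaimAsString("client_id");
        if ("access".equals(tokenUse) && clientId != null
                && allowedAudience.contains(clientId)) {
            return OAuth2TokenValidatorResult.success();
        }
        // Fail closed: no claim ties this token to an allowed client.
        log.warn("Missing or invalid audience (client_id: {})", clientId);
        return OAuth2TokenValidatorResult.failure(error);
    }
}
```

Returning success whenever aud is null would also stop the exception, but it would accept access tokens issued to any app client in the same user pool.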