Keycloak CORS issue on logout redirect
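I am using Keycloak 10.0.2 to secure a Spring Boot REST API and an Angular 9 frontend.
The frontend is served by a Spring Boot microservice running on http://localhost:8080.
On the Keycloak side, the openid-connect client's Web Origins setting is configured to allow all origins.
Spring Boot's Spring Security is configured to use Keycloak as the OAuth2 client provider.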
spring:
  security:
    oauth2:
      client:
        provider:
          keycloak:
            issuer-uri: https://abc-keycloak.abccloud.com/auth/realms/abc
            scope: openid, profile
        registration:
          keycloak:
            client-id: localhost
            client-secret: xxxxx
            redirect-uri: "{baseUrl}/login/oauth2/code/{registrationId}"
      resourceserver:
        jwt:
          issuer-uri: https://abc-keycloak.abccloud.com/auth/realms/abc
The Angular frontend makes a logout API call to http://localhost:8080/logout and is redirected to
HTTP/1.1 302 Found Location:
https://abc-keycloak.abccloud.com/auth/realms/abc/protocol/openid-connect/logout?id_token_hint=xxxxxx
I get a CORS error in the Google Chrome browser:
Access to XMLHttpRequest at
'https://abc-keycloak.abccloud.com/auth/realms/abc/protocol/openid-connect/logout?id_token_hint=xxxxxx&post_logout_redirect_uri=http://localhost:8080'
(redirected from 'http://localhost:8080/logout') from origin
'http://localhost:8080' has been blocked by CORS policy: Response to
preflight request doesn't pass access control check: No
'Access-Control-Allow-Origin' header is present on the requested
resource.
It should not be an API call (background request). Instead, the browser should be navigated to the app's logout URL (and then to the Keycloak logout URL).
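One way to do what the answer describes, as an added example that is not part of the original post: trigger the logout with a form POST (a top-level navigation) instead of an XMLHttpRequest. It assumes Spring Security's POST /logout endpoint and a CSRF token exposed in an "XSRF-TOKEN" cookie and accepted as a "_csrf" field; `readCookie`, `isSameOrigin` and `logoutByNavigation` are hypothetical helper names.

```javascript
// Added example, not code from the original post.
// Assumptions: the app's logout endpoint is Spring Security's POST /logout,
// and the CSRF token is readable from an "XSRF-TOKEN" cookie and accepted
// as a "_csrf" form field. Adjust both names to your configuration.

// Return the value of a cookie from a document.cookie-style string, or null.
function readCookie(cookieString, name) {
  for (const part of cookieString.split(';')) {
    const [key, ...rest] = part.trim().split('=');
    if (key === name) return decodeURIComponent(rest.join('='));
  }
  return null;
}

// True when url (absolute or relative) resolves to the given origin.
function isSameOrigin(url, origin) {
  return new URL(url, origin).origin === origin;
}

// Log out with a form POST, which is a top-level navigation: the browser
// follows the 302 to the Keycloak logout URL as a navigation, which is not
// subject to the CORS check that blocked the XMLHttpRequest.
function logoutByNavigation(doc, origin, logoutUrl = '/logout') {
  // Refuse cross-origin targets so the CSRF token is never posted elsewhere.
  if (!isSameOrigin(logoutUrl, origin)) {
    throw new Error('logout URL must be same-origin: ' + logoutUrl);
  }
  const form = doc.createElement('form');
  form.method = 'POST';
  form.action = logoutUrl;
  const token = readCookie(doc.cookie, 'XSRF-TOKEN');
  if (token !== null) {
    const input = doc.createElement('input');
    input.type = 'hidden';
    input.name = '_csrf';
    input.value = token;
    form.appendChild(input);
  }
  doc.body.appendChild(form);
  form.submit();
  return form;
}

// In the browser: logoutByNavigation(document, window.location.origin);
```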