发表新帖
发表新帖

自定义的登录接口,在登陆时提示身份需要验证,且总401

Blade 未结
关注 举报
2 427
jiashaCocoa
jiashaCocoa 剑者 2023-06-07 14:22

一、该问题的重现步骤是什么?

1. saber中调用新写的登录接口,出现如下错误,新写的接口是通过接口转发的形式,将入参转发给outh/tokenimage.png

2. 具体的转发代码如下

/**
 * 登录页面
 */
@RequestMapping(value = "/oauth/denglu",method = {RequestMethod.POST})
public String denglu(Principal principal, @RequestParam Map<String, String> parameters, HttpServletRequest request) throws HttpRequestMethodNotSupportedException, IOException {
        System.out.println("parameters = " + parameters);
		//TokenEndpoint tokenEndpoint = new TokenEndpoint();
		Map<String, Object> para = new HashMap<>();
		para.put("tenantId", parameters.get("tenantId"));
		para.put("username", parameters.get("yhm"));
		para.put("password", parameters.get("mm"));
		para.put("grant_type", parameters.get("grant_type"));
		para.put("scope", parameters.get("scope"));
		para.put("type", parameters.get("type"));
		para.put("principal", principal);
		System.out.println("map = " + para);
		Map<String, String> header = new HashMap<>();
		header.put("Authorization", "Basic c2FiZXI6c2FiZXJfc2VjcmV0");
		header.put("Tenant-Id", "000000");
		System.out.println("JsonUtil.toJson(request) = " + header);
		Exchange exchange = HttpUtil.exchange("http://localhost:8100/oauth/token", header, para);
		return exchange.asString();//tokenEndpoint.postAccessToken(principal, map);
}


3.代码目录是image.png


二、你期待的结果是什么?实际看到的又是什么?


三、你正在使用的是什么产品,什么版本?在什么操作系统上?


四、请提供详细的错误堆栈信息,这很重要。


五、若有更多详细信息,请在下面提供。


2条回答
  • admin - BladeX作者
    2023-06-08 02:13

    你这不是循环调用了么?把下面的改成/oauth/token再看看返回的是什么

    image.png

    作者追问:2023-06-08 11:10

    好开心啊,终于被大神翻牌子了。

    哦,那个是写错了,但是改正后还是一样的问题,就是没有进接口的问题,后面调试发现,头部加上Authorization这个参数,接口直接401,不用这个参数的话,就可以访问成功,代码如下

            /**
	 * 登录页面
	 */
	@RequestMapping(value = "/oauth/denglu", method = {RequestMethod.POST})
	public String denglu(Principal principal, @RequestParam Map<String, String> parameters) throws HttpRequestMethodNotSupportedException, IOException {
                Map<String, Object> para = new HashMap<>();
		para.put("principal", principal);
		System.out.println("map = " + para);
		Map<String, String> header = new HashMap<>();
		header.put("Authorization", "Basic c2FiZXI6c2FiZXJfc2VjcmV0");
		header.put("Tenant-Id", "000000");
		String string = HttpUtil.exchange("http://localhost:8100/oauth/token?" +
				"tenantId=" + parameters.get("tenantId") +
				"&username=" + parameters.get("yhm") +
				"&password=" + parameters.get("mm") +
				"&grant_type=" + parameters.get("grant_type") +
				"&scope=" + parameters.get("scope") +
				"&type=" + parameters.get("type"), header, para).asString();

		return string;
	}

    image.pngimage.png

    另外有个奇怪的问题,我加上这个参数后,user模块/client/user-info-by-type接口传入的参数莫名其妙的变成了saber,然后在数据库中只能查出用户名为saber的用户信息,日志如下

    2023-06-08 11:05:19.625  INFO 2505767 --- [  XNIO-1 task-1] o.s.core.log.aspect.RequestLogAspect     : 

================  Request Start  ================
===> GET: /client/user-info-by-type Parameters: {"tenantId":"000000","userType":"web","account":"saber"}
===Headers===  Accept: */*
===Headers===  Connection: keep-alive
===Headers===  User-Agent: Java/1.8.0_362
===Headers===  Host: 10.204.146.94:8102
================   Request End   ================

2023-06-08 11:05:19.637  INFO 2505767 --- [  XNIO-1 task-1] o.s.core.mp.plugins.SqlLogInterceptor    : 

==============  Sql Start  ==============
Execute SQL : select * from blade_user where tenant_id = '000000' and account = 'saber' and is_deleted = 0
Execute Time: 1.751ms
==============  Sql  End   ==============

2023-06-08 11:05:19.688  INFO 2505767 --- [  XNIO-1 task-1] o.s.core.mp.plugins.SqlLogInterceptor    : 

==============  Sql Start  ==============
Execute SQL : select id, user_id, user_ext from blade_user_web where user_id = 1627504964620639234
Execute Time: 18.257ms
==============  Sql  End   ==============

2023-06-08 11:05:19.689  INFO 2505767 --- [  XNIO-1 task-1] o.s.core.log.aspect.RequestLogAspect     : 

===============  Response Start  ================
===Result===  {"code":200,"success":true,"data":{"oauthId":null,"user":{"id":"1627504964620639234","createUser":"1123598821738675201","createDept":"1123598813738675201","createTime":"2023-02-20 11:06:29","updateUser":"1123598821738675201","updateTime":"2023-02-20 11:06:29","status":1,"isDeleted":0,"tenantId":"000000","code":null,"userType":1,"account":"saber","password":"10470c3b4b1fed12c3baac014be15fac67c6e815","name":"审核","realName":"审核","avatar":null,"email":null,"phone":null,"birthday":null,"sex":null,"roleId":"1123598816738675202","deptId":"1123598813738675201","postId":"1123598817738675201"},"detail":{"type":"web"},"permissions":null,"roles":["user"]},"msg":"操作成功"}
<=== GET: /client/user-info-by-type (64 ms)
===============   Response End   ================


    作者追问:2023-06-08 11:13

    2023-06-08 11:05:19.625  INFO 2505767 --- [  XNIO-1 task-1] o.s.core.log.aspect.RequestLogAspect     : 

================  Request Start  ================
===> GET: /client/user-info-by-type Parameters: {"tenantId":"000000","userType":"web","account":"saber"}
===Headers===  Accept: */*
===Headers===  Connection: keep-alive
===Headers===  User-Agent: Java/1.8.0_362
===Headers===  Host: 10.204.146.94:8102
================   Request End   ================

2023-06-08 11:05:19.637  INFO 2505767 --- [  XNIO-1 task-1] o.s.core.mp.plugins.SqlLogInterceptor    : 

==============  Sql Start  ==============
Execute SQL : select * from blade_user where tenant_id = '000000' and account = 'saber' and is_deleted = 0
Execute Time: 1.751ms
==============  Sql  End   ==============

2023-06-08 11:05:19.688  INFO 2505767 --- [  XNIO-1 task-1] o.s.core.mp.plugins.SqlLogInterceptor    : 

==============  Sql Start  ==============
Execute SQL : select id, user_id, user_ext from blade_user_web where user_id = 1627504964620639234
Execute Time: 18.257ms
==============  Sql  End   ==============

2023-06-08 11:05:19.689  INFO 2505767 --- [  XNIO-1 task-1] o.s.core.log.aspect.RequestLogAspect     : 

===============  Response Start  ================
===Result===  {"code":200,"success":true,"data":{"oauthId":null,"user":{"id":"1627504964620639234","createUser":"1123598821738675201","createDept":"1123598813738675201","createTime":"2023-02-20 11:06:29","updateUser":"1123598821738675201","updateTime":"2023-02-20 11:06:29","status":1,"isDeleted":0,"tenantId":"000000","code":null,"userType":1,"account":"saber","password":"10470c3b4b1fed12c3baac014be15fac67c6e815","name":"审核","realName":"审核","avatar":null,"email":null,"phone":null,"birthday":null,"sex":null,"roleId":"1123598816738675202","deptId":"1123598813738675201","postId":"1123598817738675201"},"detail":{"type":"web"},"permissions":null,"roles":["user"]},"msg":"操作成功"}
<=== GET: /client/user-info-by-type (64 ms)
===============   Response End   ================


    回答: 2023-06-08 11:15

    晚上如果有时间,我写个转发的逻辑自己试试看,然后再给你回复

    作者追问:2023-06-09 16:01

    大佬,您有看这个问题吗?

    0 讨论(0)
  • jiashaCocoa
    2023-06-08 11:12 
    2023-06-08 11:05:19.625  INFO 2505767 --- [  XNIO-1 task-1] o.s.core.log.aspect.RequestLogAspect     : 

================  Request Start  ================
===> GET: /client/user-info-by-type Parameters: {"tenantId":"000000","userType":"web","account":"saber"}
===Headers===  Accept: */*
===Headers===  Connection: keep-alive
===Headers===  User-Agent: Java/1.8.0_362
===Headers===  Host: 10.204.146.94:8102
================   Request End   ================

2023-06-08 11:05:19.637  INFO 2505767 --- [  XNIO-1 task-1] o.s.core.mp.plugins.SqlLogInterceptor    : 

==============  Sql Start  ==============
Execute SQL : select * from blade_user where tenant_id = '000000' and account = 'saber' and is_deleted = 0
Execute Time: 1.751ms
==============  Sql  End   ==============

2023-06-08 11:05:19.688  INFO 2505767 --- [  XNIO-1 task-1] o.s.core.mp.plugins.SqlLogInterceptor    : 

==============  Sql Start  ==============
Execute SQL : select id, user_id, user_ext from blade_user_web where user_id = 1627504964620639234
Execute Time: 18.257ms
==============  Sql  End   ==============

2023-06-08 11:05:19.689  INFO 2505767 --- [  XNIO-1 task-1] o.s.core.log.aspect.RequestLogAspect     : 

===============  Response Start  ================
===Result===  {"code":200,"success":true,"data":{"oauthId":null,"user":{"id":"1627504964620639234","createUser":"1123598821738675201","createDept":"1123598813738675201","createTime":"2023-02-20 11:06:29","updateUser":"1123598821738675201","updateTime":"2023-02-20 11:06:29","status":1,"isDeleted":0,"tenantId":"000000","code":null,"userType":1,"account":"saber","password":"10470c3b4b1fed12c3baac014be15fac67c6e815","name":"审核","realName":"审核","avatar":null,"email":null,"phone":null,"birthday":null,"sex":null,"roleId":"1123598816738675202","deptId":"1123598813738675201","postId":"1123598817738675201"},"detail":{"type":"web"},"permissions":null,"roles":["user"]},"msg":"操作成功"}
<=== GET: /client/user-info-by-type (64 ms)
===============   Response End   ================


    作者追问:2023-06-08 11:15

    晚上如果有时间,我写个转发的逻辑自己试试看,然后再给你回复

    回答: 2023-06-08 11:22

    image.png

    回答: 2023-06-08 15:12

    image.png

    0 讨论(2)
 看不清?
提交回复
官方产品
BladeX 企业级开发平台 BladeX 可视化数据大屏
官方推荐
阿里云服务器限时1折优惠
热议问题
​BladeX-Boot-master 版本接入钉钉登录 2
在定时任务中是否feign 1
nginx部署saber3,访问页面正常,上传附件无反应 2
前端第一次首页加载速度慢 1
4.0.1无法下载maven依赖 1
大屏保存 1
sql注入风险漏洞 1
数据权限控制为啥不起作用 2
为什么要liteflow 2
商业版4.0+版本这个token现在怎么使用啊,按照文档配置报错,急 1
layui

扫一扫访问 Blade技术社区 移动端

Blade技术社区 2024 © 上海布雷德科技有限公司 沪ICP备2023009528号-1 苏公网安备 32041102000998号