1java.lang.NullPointerException: null
2 at org.springframework.security.oauth2.provider.token.store.JwtTokenStore.convertAccessToken(JwtTokenStore.java:92) ~[spring-security-oauth2-2.0.10.RELEASE.jar:na]
3 at org.springframework.security.oauth2.provider.token.store.JwtTokenStore.readAccessToken(JwtTokenStore.java:84) ~[spring-security-oauth2-2.0.10.RELEASE.jar:na]
4 at org.springframework.security.oauth2.provider.token.DefaultTokenServices.loadAuthentication(DefaultTokenServices.java:229) ~[spring-security-oauth2-2.0.10.RELEASE.jar:na]
5 at org.springframework.security.oauth2.provider.token.DefaultTokenServices$$FastClassBySpringCGLIB$$5a1f25c.invoke(<generated>) ~[spring-security-oauth2-2.0.10.RELEASE.jar:na]
6 at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) ~[spring-core-4.3.2.RELEASE.jar:4.3.2.RELEASE]
7 at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:651) ~[spring-aop-4.3.2.RELEASE.jar:4.3.2.RELEASE]
8 at org.springframework.security.oauth2.provider.token.DefaultTokenServices$$EnhancerBySpringCGLIB$$ad6a1bf8.loadAuthentication(<generated>) ~[spring-security-oauth2-2.0.10.RELEASE.jar:na]
9 at org.springframework.security.oauth2.provider.token.DefaultTokenServices$$FastClassBySpringCGLIB$$5a1f25c.invoke(<generated>) ~[spring-security-oauth2-2.0.10.RELEASE.jar:na]
10 at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) ~[spring-core-4.3.2.RELEASE.jar:4.3.2.RELEASE]
11 at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:651) ~[spring-aop-4.3.2.RELEASE.jar:4.3.2.RELEASE]
12 at org.springframework.security.oauth2.provider.token.DefaultTokenServices$$EnhancerBySpringCGLIB$$dd6c66fe.loadAuthentication(<generated>) ~[spring-security-oauth2-2.0.10.RELEASE.jar:na]
13 at org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationManager.authenticate(OAuth2AuthenticationManager.java:83) ~[spring-security-oauth2-2.0.10.RELEASE.jar:na]
14 at org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter.doFilter(OAuth2AuthenticationProcessingFilter.java:150) ~[spring-security-oauth2-2.0.10.RELEASE.jar:na]
15 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
16 at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:121) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
17 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
18 at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:66) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
19 at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
20 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
21 at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
22 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
23 at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
24 at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
25 at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
26 at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
27 at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177) ~[spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
28 at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
29 at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
30 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) ~[tomcat-embed-core-8.5.4.jar:8.5.4]
31 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) ~[tomcat-embed-core-8.5.4.jar:8.5.4]
32 at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
33 at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.2.RELEASE.jar:4.3.2.RELEASE]
34 at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) ~[tomcat-embed-core-8.5.4.jar:8.5.4]
35 at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) ~[tomcat-embed-core-8.5.4.jar:8.5.4]
36 at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198) ~[tomcat-embed-core-8.5.4.jar:8.5.4]
37 at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:108) [tomcat-embed-core-8.5.4.jar:8.5.4]
38 at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:522) [tomcat-embed-core-8.5.4.jar:8.5.4]
39 at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) [tomcat-embed-core-8.5.4.jar:8.5.4]
40 at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) [tomcat-embed-core-8.5.4.jar:8.5.4]
41 at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) [tomcat-embed-core-8.5.4.jar:8.5.4]
42 at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:349) [tomcat-embed-core-8.5.4.jar:8.5.4]
43 at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:1110) [tomcat-embed-core-8.5.4.jar:8.5.4]
44 at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) [tomcat-embed-core-8.5.4.jar:8.5.4]
45 at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:785) [tomcat-embed-core-8.5.4.jar:8.5.4]
46 at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1425) [tomcat-embed-core-8.5.4.jar:8.5.4]
47 at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-embed-core-8.5.4.jar:8.5.4]
48 at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_25]
49 at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_25]
50 at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-8.5.4.jar:8.5.4]
51 at java.lang.Thread.run(Thread.java:745) [na:1.8.0_25]
52
53GET /api/test HTTP/1.1
54Host: localhost:8090
55Authorization: Bearer MYTOKENHERE
56Cache-Control: no-cache
57
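/**
 * OAuth2 configuration that hosts both the authorization server and the resource server in
 * one application. Both sides use JWT access tokens handled by the shared
 * {@link JwtAccessTokenConverter} bean.
 */
@Configuration
public class OAuth2ServerConfiguration {

    private static final String RESOURCE_ID = "myapi";

    /** Resource-server side: validates bearer tokens and protects the API paths. */
    @Configuration
    @EnableResourceServer
    protected static class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {
        @Autowired
        private JwtAccessTokenConverter jwtAccessTokenConverter;

        /**
         * Registers the resource id and a JWT-backed token store.
         *
         * @param resources configurer supplied by the framework
         */
        @Override
        public void configure(ResourceServerSecurityConfigurer resources) {
            // The store is built inside the method, so the injected converter is already set.
            // @formatter:off
            resources
                .resourceId(RESOURCE_ID)
                .tokenStore(new JwtTokenStore(jwtAccessTokenConverter));
            // @formatter:on
        }

        /**
         * Requires authentication for every request under {@code /api/}.
         *
         * @param http security builder supplied by the framework
         * @throws Exception if the builder rejects the configuration
         */
        @Override
        public void configure(HttpSecurity http) throws Exception {
            // NOTE(review): disabling CSRF protection is only appropriate while these endpoints
            // are authenticated purely by the Authorization header; revisit if a cookie or
            // session based login is ever allowed to reach /api/**.
            // @formatter:off
            http
                .csrf().disable()
                .authorizeRequests()
                    .antMatchers("/api/**").authenticated();
            // @formatter:on
        }
    }

    /** Authorization-server side: issues JWT access and refresh tokens to registered clients. */
    @Configuration
    @EnableAuthorizationServer
    protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
        @Autowired
        private JwtAccessTokenConverter jwtAccessTokenConverter;

        @Autowired
        @Qualifier("authenticationManagerBean")
        private AuthenticationManager authenticationManager;

        /**
         * Wires the token store, the authentication manager used by the password grant, and
         * the JWT converter into the token endpoints.
         *
         * @param endpoints configurer supplied by the framework
         * @throws Exception if the configurer rejects the configuration
         */
        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
            // The token store must be created here, not in a field initializer. A field
            // initializer runs while the object is being constructed, before Spring injects
            // the @Autowired converter, so the store would capture null and throw a
            // NullPointerException in JwtTokenStore.convertAccessToken on the first token read.
            // @formatter:off
            endpoints
                .tokenStore(new JwtTokenStore(jwtAccessTokenConverter))
                .authenticationManager(authenticationManager)
                .accessTokenConverter(jwtAccessTokenConverter);
            // @formatter:on
        }

        /**
         * Registers the single in-memory client that may request tokens.
         *
         * @param clients configurer supplied by the framework
         * @throws Exception if the configurer rejects the configuration
         */
        @Override
        public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
            // NOTE(review): the client id and secret below are hard-coded sample values. Real
            // credentials belong in externalised configuration or a secret store, never in
            // source control.
            // NOTE(review): JwtTokenStore keeps no server-side record of issued tokens, so a
            // leaked access token stays usable until it expires. Thirty days is a long window
            // for that; consider a much shorter access-token lifetime and rely on the refresh
            // token for longevity.
            // @formatter:off
            clients
                .inMemory()
                    .withClient("12345")
                    .authorizedGrantTypes("password", "refresh_token")
                    .authorities("USER")
                    .scopes("read", "write")
                    .resourceIds(RESOURCE_ID)
                    .secret("54321")
                    .accessTokenValiditySeconds(2592000) // 30 days
                    .refreshTokenValiditySeconds(3888000); // 45 days: 15 more than the access token
            // @formatter:on
        }
    }

}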
128
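/**
 * Web security configuration: builds the {@link AuthenticationManager} used by the OAuth2
 * password grant and exposes the password encoder and JWT converter beans.
 */
@Configuration
@EnableWebSecurity
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Autowired
    private Environment env;

    @Autowired
    private CustomUserDetailsService userDetailsService;

    @Autowired
    private AccountAuthenticationProvider accountAuthenticationProvider;

    /**
     * Registers the user-details based provider and the custom account provider.
     *
     * @param auth builder supplied by the framework
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // Registering a UserDetailsService adds its own DAO authentication provider. In the
        // Spring Security 4.x line seen in the stack trace, that provider compares passwords
        // as plain text unless an encoder is supplied, so the BCrypt bean is wired in here.
        // NOTE(review): assumes CustomUserDetailsService returns BCrypt hashes; confirm before
        // deploying, and check whether this provider is wanted at all alongside
        // accountAuthenticationProvider.
        auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
        auth.authenticationProvider(accountAuthenticationProvider);
    }

    /**
     * @return the BCrypt encoder used for user passwords
     */
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    /**
     * Exposes the authentication manager as a bean so the authorization server can inject it
     * by the name {@code authenticationManagerBean}.
     *
     * @return the authentication manager built by this adapter
     * @throws Exception if the manager cannot be built
     */
    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    /**
     * Builds the converter that signs and verifies JWT access tokens.
     *
     * @return converter keyed with the {@code jwt.secret} property
     * @throws IllegalStateException if {@code jwt.secret} is not configured
     */
    @Bean
    public JwtAccessTokenConverter jwtAccessTokenConverter() {
        final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        // getRequiredProperty stops startup with a message naming the missing property
        // instead of handing a null key to the converter.
        // NOTE(review): anyone who knows this value can mint valid tokens. Keep it long and
        // random, supply it from a secret store, and keep it out of source control and logs.
        converter.setSigningKey(env.getRequiredProperty("jwt.secret"));
        return converter;
    }

}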
167
-- Schema for the JDBC-backed Spring Security OAuth2 stores. These tables are only read and
-- written when a JDBC store such as JdbcTokenStore is configured; JwtTokenStore does not
-- use them.
--
-- NOTE(review): the `token` and `authentication` blob columns hold objects serialized by the
-- application, which are deserialized again on read. Restrict write access to these tables
-- to the application account, and treat backups as sensitive because they contain tokens.

DROP TABLE IF EXISTS `oauth_access_token`;
CREATE TABLE `oauth_access_token` (
  `token_id`          varchar(255) DEFAULT NULL,
  `token`             mediumblob,
  `authentication_id` varchar(255) NOT NULL,
  `user_name`         varchar(255) DEFAULT NULL,
  `client_id`         varchar(255) DEFAULT NULL,
  `authentication`    mediumblob,
  `refresh_token`     varchar(255) DEFAULT NULL,
  PRIMARY KEY (`authentication_id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

-- NOTE(review): a zero-date default is rejected by MySQL servers running in strict mode
-- with NO_ZERO_DATE; verify against the target server's sql_mode.
DROP TABLE IF EXISTS `oauth_approvals`;
CREATE TABLE `oauth_approvals` (
  `userId`         varchar(255) DEFAULT NULL,
  `clientId`       varchar(255) DEFAULT NULL,
  `scope`          varchar(255) DEFAULT NULL,
  `status`         varchar(10) DEFAULT NULL,
  `expiresAt`      timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  `lastModifiedAt` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

-- NOTE(review): `client_secret` should hold an encoded (hashed) secret, not the raw value.
DROP TABLE IF EXISTS `oauth_client_details`;
CREATE TABLE `oauth_client_details` (
  `client_id`               varchar(255) NOT NULL,
  `resource_ids`            varchar(255) DEFAULT NULL,
  `client_secret`           varchar(255) DEFAULT NULL,
  `scope`                   varchar(255) DEFAULT NULL,
  `authorized_grant_types`  varchar(255) DEFAULT NULL,
  `web_server_redirect_uri` varchar(255) DEFAULT NULL,
  `authorities`             varchar(255) DEFAULT NULL,
  `access_token_validity`   int(11) DEFAULT NULL,
  `refresh_token_validity`  int(11) DEFAULT NULL,
  `additional_information`  varchar(4096) DEFAULT NULL,
  `autoapprove`             varchar(255) DEFAULT NULL,
  PRIMARY KEY (`client_id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

DROP TABLE IF EXISTS `oauth_client_token`;
CREATE TABLE `oauth_client_token` (
  `token_id`          varchar(255) DEFAULT NULL,
  `token`             mediumblob,
  `authentication_id` varchar(255) NOT NULL,
  `user_name`         varchar(255) DEFAULT NULL,
  `client_id`         varchar(255) DEFAULT NULL,
  PRIMARY KEY (`authentication_id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

DROP TABLE IF EXISTS `oauth_code`;
CREATE TABLE `oauth_code` (
  `code`           varchar(255) DEFAULT NULL,
  `authentication` mediumblob
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

DROP TABLE IF EXISTS `oauth_refresh_token`;
CREATE TABLE `oauth_refresh_token` (
  `token_id`       varchar(255) DEFAULT NULL,
  `token`          mediumblob,
  `authentication` mediumblob
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
228
// Excerpt from AuthorizationServerConfiguration. A field initializer runs while the object
// is being constructed, before Spring injects @Autowired fields, so where
// jwtAccessTokenConverter is an injected field (as in that class) it is still null here.
private TokenStore tokenStore = new JwtTokenStore(jwtAccessTokenConverter);

/**
 * Excerpt from the resource server: registers the resource id and its own JWT token store.
 * This store is a different instance from the field above.
 */
@Override
public void configure(ResourceServerSecurityConfigurer resources) {
    final TokenStore jwtStore = new JwtTokenStore(jwtAccessTokenConverter);
    resources.resourceId(RESOURCE_ID).tokenStore(jwtStore);
}
235
@Autowired
DataSource dataSource;

/**
 * Publishes one JDBC-backed token store as a bean, so the authorization server and the
 * resource server can inject the same instance instead of each creating its own.
 *
 * NOTE(review): with a JDBC store, issued tokens become server-side state in the OAuth
 * tables; protect that database as you would any credential store.
 *
 * @return token store backed by {@code dataSource}
 */
@Bean
public TokenStore tokenStore() {
    final TokenStore jdbcStore = new JdbcTokenStore(dataSource);
    return jdbcStore;
}
243
// Injected by Spring; this is the shared TokenStore bean, not a locally constructed store.
@Autowired
private TokenStore tokenStore;

/**
 * Registers the resource id and the injected token store on the resource server.
 *
 * @param resources configurer supplied by the framework
 */
public void configure(ResourceServerSecurityConfigurer resources) {
    resources.resourceId(RESOURCE_ID);
    resources.tokenStore(tokenStore);
}