
Client 异常响应处理

问题

/oauth2/token 地址异常处理

| 异常 | HTTP 响应状态码 | 响应数据 |
| --- | --- | --- |
| 参数 client_secret 无效异常 | 401 | |
| 参数 code 无效异常 | 400 | |

配置

java
package cloud.xuxiaowei.passport.handler;

import lombok.extern.slf4j.Slf4j;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

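/**
 * Failure handler for OAuth 2.1 client authentication (for example a wrong
 * {@code client_secret} sent to {@code /oauth2/token}).
 *
 * <p>Once registered as the client-authentication error response handler, this class is the
 * only code that writes the HTTP response for a failed client authentication. A handler that
 * only logs leaves the response at the container default (normally {@code 200} with an empty
 * body), so the status and body are always set here.
 *
 * @author xuxiaowei
 * @since 0.0.1
 */
@Slf4j
public class ClientAuthenticationResponseHandler implements AuthenticationFailureHandler {

    /** OAuth 2.0 error code for failed client authentication (RFC 6749, section 5.2). */
    private static final String INVALID_CLIENT = "invalid_client";

    /**
     * Logs the failure and answers with an OAuth 2.0 style JSON error.
     *
     * <p>{@code invalid_client} is answered with 401 and every other error code with 400.
     *
     * @param request   the request whose client authentication failed
     * @param response  the response to write the error to
     * @param exception the authentication failure
     * @throws IOException      if the error body cannot be written
     * @throws ServletException declared by the interface; not thrown by this implementation
     */
    @Override
    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
                                        AuthenticationException exception) throws IOException, ServletException {

        // Log the failure, including the stack trace, on the server side only.
        log.error("OAuth 2.1 认证 异常处理:", exception);

        // No security context may survive a failed client authentication on this thread.
        org.springframework.security.core.context.SecurityContextHolder.clearContext();

        // Fully qualified so the file's import block does not have to change.
        // NOTE(review): assumes spring-security-oauth2-core is on the classpath, as it is
        // whenever the authorization server raises these failures - confirm for this build.
        String errorCode = INVALID_CLIENT;
        if (exception instanceof org.springframework.security.oauth2.core.OAuth2AuthenticationException) {
            String reported = ((org.springframework.security.oauth2.core.OAuth2AuthenticationException) exception)
                    .getError().getErrorCode();
            // Only a well-formed code is copied into the JSON body; anything else keeps the default.
            if (reported != null && reported.matches("[A-Za-z0-9_.-]+")) {
                errorCode = reported;
            }
        }

        int status = INVALID_CLIENT.equals(errorCode)
                ? HttpServletResponse.SC_UNAUTHORIZED
                : HttpServletResponse.SC_BAD_REQUEST;

        if (response.isCommitted()) {
            // Status and headers can no longer be changed; do not append to a partial body.
            return;
        }

        response.setStatus(status);
        response.setContentType("application/json;charset=UTF-8");
        // Responses from the token endpoint must not be cached.
        response.setHeader("Cache-Control", "no-store");
        response.setHeader("Pragma", "no-cache");

        // Return the error code only: the exception message and description stay in the
        // server log, so the caller learns nothing about why the credentials were rejected.
        response.getWriter().write("{\"error\":\"" + errorCode + "\"}");
    }

}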
java
package cloud.xuxiaowei.passport.handler;

import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;

import java.io.IOException;

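/**
 * Failure handler for OAuth 2.1 client authentication (for example a wrong
 * {@code client_secret} sent to {@code /oauth2/token}).
 *
 * <p>Once registered as the client-authentication error response handler, this class is the
 * only code that writes the HTTP response for a failed client authentication. A handler that
 * only logs leaves the response at the container default (normally {@code 200} with an empty
 * body), so the status and body are always set here.
 *
 * @author xuxiaowei
 * @since 0.0.1
 */
@Slf4j
public class ClientAuthenticationResponseHandler implements AuthenticationFailureHandler {

    /** OAuth 2.0 error code for failed client authentication (RFC 6749, section 5.2). */
    private static final String INVALID_CLIENT = "invalid_client";

    /**
     * Logs the failure and answers with an OAuth 2.0 style JSON error.
     *
     * <p>{@code invalid_client} is answered with 401 and every other error code with 400.
     *
     * @param request   the request whose client authentication failed
     * @param response  the response to write the error to
     * @param exception the authentication failure
     * @throws IOException      if the error body cannot be written
     * @throws ServletException declared by the interface; not thrown by this implementation
     */
    @Override
    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
                                        AuthenticationException exception) throws IOException, ServletException {

        // Log the failure, including the stack trace, on the server side only.
        log.error("OAuth 2.1 认证 异常处理:", exception);

        // No security context may survive a failed client authentication on this thread.
        org.springframework.security.core.context.SecurityContextHolder.clearContext();

        // Fully qualified so the file's import block does not have to change.
        // NOTE(review): assumes spring-security-oauth2-core is on the classpath, as it is
        // whenever the authorization server raises these failures - confirm for this build.
        String errorCode = INVALID_CLIENT;
        if (exception instanceof org.springframework.security.oauth2.core.OAuth2AuthenticationException) {
            String reported = ((org.springframework.security.oauth2.core.OAuth2AuthenticationException) exception)
                    .getError().getErrorCode();
            // Only a well-formed code is copied into the JSON body; anything else keeps the default.
            if (reported != null && reported.matches("[A-Za-z0-9_.-]+")) {
                errorCode = reported;
            }
        }

        int status = INVALID_CLIENT.equals(errorCode)
                ? HttpServletResponse.SC_UNAUTHORIZED
                : HttpServletResponse.SC_BAD_REQUEST;

        if (response.isCommitted()) {
            // Status and headers can no longer be changed; do not append to a partial body.
            return;
        }

        response.setStatus(status);
        response.setContentType("application/json;charset=UTF-8");
        // Responses from the token endpoint must not be cached.
        response.setHeader("Cache-Control", "no-store");
        response.setHeader("Pragma", "no-cache");

        // Return the error code only: the exception message and description stay in the
        // server log, so the caller learns nothing about why the credentials were rejected.
        response.getWriter().write("{\"error\":\"" + errorCode + "\"}");
    }

}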

使用

java
package cloud.xuxiaowei.passport.config;

import cloud.xuxiaowei.passport.handler.ClientAuthenticationResponseHandler;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration;
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationServerConfigurer;
import org.springframework.security.web.SecurityFilterChain;

/**
 * Authorization server security configuration that routes client-authentication failures
 * to {@link ClientAuthenticationResponseHandler}.
 *
 * @author Joe Grandja
 * @author xuxiaowei
 * @since 0.0.1
 */
@Configuration(proxyBeanMethods = false)
public class AuthorizationServerConfig {

    /**
     * Builds the highest-precedence filter chain: the authorization server defaults plus a
     * custom error response handler for client authentication.
     *
     * @param http the security builder to configure
     * @return the built filter chain
     * @throws Exception if applying the defaults or building the chain fails
     */
    @Bean
    @Order(Ordered.HIGHEST_PRECEDENCE)
    public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {
        // Apply the defaults first; the configurer looked up below is expected to be
        // registered on http by this call.
        OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http);

        // Registering a custom handler makes it solely responsible for the HTTP status and
        // body of a failed client authentication.
        http.getConfigurer(OAuth2AuthorizationServerConfigurer.class)
                .clientAuthentication(clientAuthentication ->
                        clientAuthentication.errorResponseHandler(new ClientAuthenticationResponseHandler()));

        return http.build();
    }

}