尝试Slack.com的Spring-Boot-OAuth2 manual示例时无法从 token 获取用户详细信息

Sample非常适合Facebook,因此我尝试使用以下参数更改松弛度:

application.yml

slack:
  client:
    clientId: ID
    clientSecret: PASS
    accessTokenUri: https://slack.com/api/oauth.access
    userAuthorizationUri: https://slack.com/oauth/authorize
    scope: "identity.basic,identity.email"
  resource:
    userInfoUri: https://slack.com/api/users.identity?token=

SocialApplication.class修改为:
private Filter ssoFilter() {
    OAuth2ClientAuthenticationProcessingFilter slackFilter = new OAuth2ClientAuthenticationProcessingFilter(
            "/login/slack");
    OAuth2RestTemplate slackTemplate = new OAuth2RestTemplate(slack(), oauth2ClientContext);
    slackFilter.setRestTemplate(slackTemplate);
    UserInfoTokenServices tokenServices = new UserInfoTokenServices(slackResource().getUserInfoUri(),
            slack().getClientId());
    tokenServices.setRestTemplate(slackTemplate);
    slackFilter.setTokenServices(
            new UserInfoTokenServices(slackResource().getUserInfoUri(), slack().getClientId()));
    return slackFilter;
}

@Bean
@ConfigurationProperties("slack.client")
public AuthorizationCodeResourceDetails slack() {
    return new AuthorizationCodeResourceDetails();;
}

@Bean
@ConfigurationProperties("slack.resource")
public ResourceServerProperties slackResource() {
    return new ResourceServerProperties();
}

日志:
2017-02-23 16:21:17.480 DEBUG 3757 --- [nio-8080-exec-9] o.s.s.web.util.matcher.OrRequestMatcher  : Trying to match using Ant [pattern='/css/**']
2017-02-23 16:21:17.480 DEBUG 3757 --- [nio-8080-exec-9] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/login/slack'; against '/css/**'
2017-02-23 16:21:17.480 DEBUG 3757 --- [nio-8080-exec-9] o.s.s.web.util.matcher.OrRequestMatcher  : Trying to match using Ant [pattern='/js/**']
2017-02-23 16:21:17.480 DEBUG 3757 --- [nio-8080-exec-9] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/login/slack'; against '/js/**'
2017-02-23 16:21:17.480 DEBUG 3757 --- [nio-8080-exec-9] o.s.s.web.util.matcher.OrRequestMatcher  : Trying to match using Ant [pattern='/images/**']
2017-02-23 16:21:17.481 DEBUG 3757 --- [nio-8080-exec-9] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/login/slack'; against '/images/**'
2017-02-23 16:21:17.481 DEBUG 3757 --- [nio-8080-exec-9] o.s.s.web.util.matcher.OrRequestMatcher  : Trying to match using Ant [pattern='/webjars/**']
2017-02-23 16:21:17.481 DEBUG 3757 --- [nio-8080-exec-9] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/login/slack'; against '/webjars/**'
2017-02-23 16:21:17.481 DEBUG 3757 --- [nio-8080-exec-9] o.s.s.web.util.matcher.OrRequestMatcher  : Trying to match using Ant [pattern='/**/favicon.ico']
2017-02-23 16:21:17.482 DEBUG 3757 --- [nio-8080-exec-9] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/login/slack'; against '/**/favicon.ico'
2017-02-23 16:21:17.482 DEBUG 3757 --- [nio-8080-exec-9] o.s.s.web.util.matcher.OrRequestMatcher  : Trying to match using Ant [pattern='/error']
2017-02-23 16:21:17.482 DEBUG 3757 --- [nio-8080-exec-9] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/login/slack'; against '/error'
2017-02-23 16:21:17.483 DEBUG 3757 --- [nio-8080-exec-9] o.s.s.web.util.matcher.OrRequestMatcher  : No matches found
2017-02-23 16:21:17.483 DEBUG 3757 --- [nio-8080-exec-9] o.s.s.w.u.matcher.AntPathRequestMatcher  : Request '/login/slack' matched by universal pattern '/**'
2017-02-23 16:21:17.483 DEBUG 3757 --- [nio-8080-exec-9] o.s.security.web.FilterChainProxy        : /login/slack at position 1 of 12 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2017-02-23 16:21:17.484 DEBUG 3757 --- [nio-8080-exec-9] o.s.security.web.FilterChainProxy        : /login/slack at position 2 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2017-02-23 16:21:17.484 DEBUG 3757 --- [nio-8080-exec-9] w.c.HttpSessionSecurityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
2017-02-23 16:21:17.484 DEBUG 3757 --- [nio-8080-exec-9] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@761167a. A new one will be created.
2017-02-23 16:21:17.484 DEBUG 3757 --- [nio-8080-exec-9] o.s.security.web.FilterChainProxy        : /login/slack at position 3 of 12 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2017-02-23 16:21:17.485 DEBUG 3757 --- [nio-8080-exec-9] o.s.s.w.header.writers.HstsHeaderWriter  : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@a5843f5
2017-02-23 16:21:17.485 DEBUG 3757 --- [nio-8080-exec-9] o.s.security.web.FilterChainProxy        : /login/slack at position 4 of 12 in additional filter chain; firing Filter: 'CsrfFilter'
2017-02-23 16:21:17.485 DEBUG 3757 --- [nio-8080-exec-9] o.s.security.web.FilterChainProxy        : /login/slack at position 5 of 12 in additional filter chain; firing Filter: 'LogoutFilter'
2017-02-23 16:21:17.485 DEBUG 3757 --- [nio-8080-exec-9] o.s.s.w.u.matcher.AntPathRequestMatcher  : Request 'GET /login/slack' doesn't match 'POST /logout
2017-02-23 16:21:17.486 DEBUG 3757 --- [nio-8080-exec-9] o.s.security.web.FilterChainProxy        : /login/slack at position 6 of 12 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
2017-02-23 16:21:17.486 DEBUG 3757 --- [nio-8080-exec-9] o.s.s.w.u.matcher.AntPathRequestMatcher  : Checking match of request : '/login/slack'; against '/login/slack'
2017-02-23 16:21:17.486 DEBUG 3757 --- [nio-8080-exec-9] uth2ClientAuthenticationProcessingFilter : Request is to process authentication
2017-02-23 16:21:17.543 DEBUG 3757 --- [nio-8080-exec-9] o.s.s.oauth2.client.OAuth2RestTemplate   : Created GET request for "https://slack.com/api/users.identity?token="
2017-02-23 16:21:17.543 DEBUG 3757 --- [nio-8080-exec-9] o.s.s.oauth2.client.OAuth2RestTemplate   : Setting request Accept header to [application/json, application/*+json]
2017-02-23 16:21:17.764 DEBUG 3757 --- [nio-8080-exec-9] o.s.s.oauth2.client.OAuth2RestTemplate   : GET request for "https://slack.com/api/users.identity?token=" resulted in 200 (OK)
2017-02-23 16:21:17.764 DEBUG 3757 --- [nio-8080-exec-9] o.s.s.oauth2.client.OAuth2RestTemplate   : Reading [interface java.util.Map] as "application/json;charset=utf-8" using [org.springframework.http.converter.json.MappingJackson2HttpMessageConverter@8914cc4]
2017-02-23 16:21:17.767 DEBUG 3757 --- [nio-8080-exec-9] uth2ClientAuthenticationProcessingFilter : Authentication request failed: org.springframework.security.authentication.BadCredentialsException: Could not obtain user details from token

org.springframework.security.authentication.BadCredentialsException: Could not obtain user details from token
    at org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter.attemptAuthentication(OAuth2ClientAuthenticationProcessingFilter.java:122) ~[spring-security-oauth2-2.0.12.RELEASE.jar!/:na]
    at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212) ~[spring-security-web-4.2.1.RELEASE.jar!/:4.2.1.RELEASE]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) [spring-security-web-4.2.1.RELEASE.jar!/:4.2.1.RELEASE]
    at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116) [spring-security-web-4.2.1.RELEASE.jar!/:4.2.1.RELEASE]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) [spring-security-web-4.2.1.RELEASE.jar!/:4.2.1.RELEASE]
    at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:100) [spring-security-web-4.2.1.RELEASE.jar!/:4.2.1.RELEASE]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.6.RELEASE.jar!/:4.3.6.RELEASE]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) [spring-security-web-4.2.1.RELEASE.jar!/:4.2.1.RELEASE]
    at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64) [spring-security-web-4.2.1.RELEASE.jar!/:4.2.1.RELEASE]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.6.RELEASE.jar!/:4.3.6.RELEASE]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) [spring-security-web-4.2.1.RELEASE.jar!/:4.2.1.RELEASE]
    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105) [spring-security-web-4.2.1.RELEASE.jar!/:4.2.1.RELEASE]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) [spring-security-web-4.2.1.RELEASE.jar!/:4.2.1.RELEASE]
    at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56) [spring-security-web-4.2.1.RELEASE.jar!/:4.2.1.RELEASE]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.6.RELEASE.jar!/:4.3.6.RELEASE]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) [spring-security-web-4.2.1.RELEASE.jar!/:4.2.1.RELEASE]
    at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214) [spring-security-web-4.2.1.RELEASE.jar!/:4.2.1.RELEASE]
    at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177) [spring-security-web-4.2.1.RELEASE.jar!/:4.2.1.RELEASE]
    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) [spring-web-4.3.6.RELEASE.jar!/:4.3.6.RELEASE]
    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262) [spring-web-4.3.6.RELEASE.jar!/:4.3.6.RELEASE]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) [spring-web-4.3.6.RELEASE.jar!/:4.3.6.RELEASE]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.6.RELEASE.jar!/:4.3.6.RELEASE]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.springframework.security.oauth2.client.filter.OAuth2ClientContextFilter.doFilter(OAuth2ClientContextFilter.java:60) [spring-security-oauth2-2.0.12.RELEASE.jar!/:na]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:105) [spring-web-4.3.6.RELEASE.jar!/:4.3.6.RELEASE]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.6.RELEASE.jar!/:4.3.6.RELEASE]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:81) [spring-web-4.3.6.RELEASE.jar!/:4.3.6.RELEASE]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.6.RELEASE.jar!/:4.3.6.RELEASE]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197) [spring-web-4.3.6.RELEASE.jar!/:4.3.6.RELEASE]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.6.RELEASE.jar!/:4.3.6.RELEASE]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:106) [spring-boot-actuator-1.5.1.RELEASE.jar!/:1.5.1.RELEASE]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.6.RELEASE.jar!/:4.3.6.RELEASE]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:474) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:349) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:783) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:798) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1434) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [na:1.7.0_71]
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [na:1.7.0_71]
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-embed-core-8.5.11.jar!/:8.5.11]
    at java.lang.Thread.run(Thread.java:745) [na:1.7.0_71]
Caused by: org.springframework.security.oauth2.common.exceptions.InvalidTokenException: xoxp-9927885091-14802285653............
    at org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoTokenServices.loadAuthentication(UserInfoTokenServices.java:93) ~[spring-boot-autoconfigure-1.5.1.RELEASE.jar!/:1.5.1.RELEASE]
    at org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter.attemptAuthentication(OAuth2ClientAuthenticationProcessingFilter.java:112) ~[spring-security-oauth2-2.0.12.RELEASE.jar!/:na]
    ... 60 common frames omitted

2017-02-23 16:21:17.769 DEBUG 3757 --- [nio-8080-exec-9] uth2ClientAuthenticationProcessingFilter : Updated SecurityContextHolder to contain null Authentication
2017-02-23 16:21:17.769 DEBUG 3757 --- [nio-8080-exec-9] uth2ClientAuthenticationProcessingFilter : Delegating to authentication failure handler org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler@5ce08277
2017-02-23 16:21:17.769 DEBUG 3757 --- [nio-8080-exec-9] .a.SimpleUrlAuthenticationFailureHandler : No failure URL set, sending 401 Unauthorized error
2017-02-23 16:21:17.769 DEBUG 3757 --- [nio-8080-exec-9] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2017-02-23 16:21:17.769 DEBUG 3757 --- [nio-8080-exec-9] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed

感谢任何帮助

最佳答案

好的,我终于解决了问题。

该问题与无效的松弛配置有关。

如果以后有人需要配置Slack.com,请在下面随意使用:)

slack:
  client:
    clientId: <CID>
    clientSecret: <PASS>
    accessTokenUri: https://slack.com/api/oauth.access
    userAuthorizationUri: https://slack.com/oauth/authorize
    tokenName: token
    authenticationScheme: query
    clientAuthenticationScheme: form
    scope: identity.basic
  resource:
    userInfoUri: https://slack.com/api/users.identity
    tokenType: Bearer
    preferTokenInfo: false

09-30 15:34