在 WSO2 IS 5.10 中进行后端 api 调用时出现 CORS 问题的示例 Pickup 调度 Web 应用程序
Sample Pickup dispatch web app giving CORS issue when making backend api calls in WSO2 IS 5.10
我正在测试 WSO2 Identity Server 5.10 的取件调度示例 Web 应用程序
https://is.docs.wso2.com/en/5.9.0/learn/configuring-access-delegation-with-oauth2/
一切都按照文档中的说明进行设置。单击 'Add' 时,请求无法完成,因为它因 CORS 策略而被阻止。
Access to XMLHttpRequest at 'http://localhost:39090/bookings' from origin 'http://localhost.com:8080' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
我添加了以下内容
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.allowOrigin</param-name>
<param-value>*</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
到文件
CARBON_HOME\repository\deployment\server\webapps\oauth2\WEB-INF\web.xml
TOMCAT_HOME\webapps\pickup-dispatch\WEB-INF\web.xml
如本文所述posthttp://hasanthipurnima.blogspot.com/2016/05/applying-cors-filter-to-wso2-identity.html
但是,我仍然收到错误。这是请求头
更新:
这是出现CORS问题时记录的错误日志
G:\wso2>java -jar backend-service.jar -introspectionEnabled true
2020-06-09 11:43:24 INFO BookingService:47 - Service properties loaded successfully.
2020-06-09 11:43:24 INFO BookingService:84 - Setting trust store path to : C:\Users\tvenna\AppData\Local\Temp\wso2carbon.jks3555396828881642435
2020-06-09 11:43:24 INFO BookingService:109 - Starting backend service.
2020-06-09 11:43:24 INFO BookingService:110 - Configurations :
2020-06-09 11:43:24 INFO BookingService:113 - port: 39090
2020-06-09 11:43:24 INFO BookingService:113 - introspectionEndpoint: https://localhost:9443/oauth2/introspect
2020-06-09 11:43:24 INFO BookingService:113 - introspectionEnabled: true
2020-06-09 11:43:24 INFO MicroservicesRunner:309 - Microservices server started in 267ms
2020-06-09 11:43:24 INFO ServerConnectorBootstrap$HTTPServerConnector:207 - HTTP(S) Interface starting on host 0.0.0.0 and port 39090
2020-06-09 11:43:46 INFO BookingService:66 - OPTIONS /bookings
2020-06-09 11:43:46 INFO BookingService:80 - GET /bookings
2020-06-09 11:43:46 ERROR IntrospectionHandler:107 - Error while calling token introspection endpoint
java.io.IOException: Server returned HTTP response code: 403 for URL: https://localhost:9443/oauth2/introspect
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at org.wso2.sample.identity.backend.IntrospectionHandler.getIntrospectionResponse(IntrospectionHandler.java:95)
at org.wso2.sample.identity.backend.IntrospectionHandler.isAuthorized(IntrospectionHandler.java:65)
at org.wso2.sample.identity.backend.BookingService.bookingsGet(BookingService.java:83)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.wso2.msf4j.internal.router.HttpMethodInfo.invokeResource(HttpMethodInfo.java:187)
at org.wso2.msf4j.internal.router.HttpMethodInfo.invoke(HttpMethodInfo.java:143)
at org.wso2.msf4j.internal.MSF4JHttpConnectorListener.dispatchMethod(MSF4JHttpConnectorListener.java:218)
at org.wso2.msf4j.internal.MSF4JHttpConnectorListener.lambda$onMessage(MSF4JHttpConnectorListener.java:129)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
2020-06-09 11:43:46 WARN MSF4JHttpConnectorListener:243 - Unmapped exception
java.lang.RuntimeException: java.io.IOException: Server returned HTTP response code: 403 for URL: https://localhost:9443/oauth2/introspect
at org.wso2.sample.identity.backend.IntrospectionHandler.getIntrospectionResponse(IntrospectionHandler.java:108)
at org.wso2.sample.identity.backend.IntrospectionHandler.isAuthorized(IntrospectionHandler.java:65)
at org.wso2.sample.identity.backend.BookingService.bookingsGet(BookingService.java:83)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.wso2.msf4j.internal.router.HttpMethodInfo.invokeResource(HttpMethodInfo.java:187)
at org.wso2.msf4j.internal.router.HttpMethodInfo.invoke(HttpMethodInfo.java:143)
at org.wso2.msf4j.internal.MSF4JHttpConnectorListener.dispatchMethod(MSF4JHttpConnectorListener.java:218)
at org.wso2.msf4j.internal.MSF4JHttpConnectorListener.lambda$onMessage(MSF4JHttpConnectorListener.java:129)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.io.IOException: Server returned HTTP response code: 403 for URL: https://localhost:9443/oauth2/introspect
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at org.wso2.sample.identity.backend.IntrospectionHandler.getIntrospectionResponse(IntrospectionHandler.java:95)
... 13 more
将以下内容添加到
CARBON_HOME\repository\resources\conf\templates\repository\conf\tomcat\web.xml.j2
<filter>
<filter-name>CORS</filter-name>
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
<init-param>
<param-name>cors.allowOrigin</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.supportedMethods</param-name>
<param-value>GET, HEAD, POST, DELETE, OPTIONS, PATCH, PUT</param-value>
</init-param>
<init-param>
<param-name>cors.exposedHeaders</param-name>
<param-value>Location</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CORS</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
重新启动 IS 和 tomcat,问题仍然存在。
在 Chrome 和 Firefox 浏览器中测试。
从您更新的堆栈跟踪中,我可以看到当后端服务尝试对 WSO2 身份服务器进行内省调用时会出现问题。此内省调用使用它正在内省的令牌作为调用它自己的授权。为此,需要使用范围 internal_application_mgt_view 获取令牌。但目前,取件-调度应用程序仅请求 openid 范围内的令牌。
要解决此问题,请在文本编辑器中打开 /pickup-dispatch/WEB-INF/classes 目录中的 dispatch.properties 文件并编辑scope 属性 如下所示。
scope=openid internal_application_mgt_view
重新启动您的 Tomcat 服务器并重试。
希望对您有所帮助!
我正在测试 WSO2 Identity Server 5.10 的取件调度示例 Web 应用程序 https://is.docs.wso2.com/en/5.9.0/learn/configuring-access-delegation-with-oauth2/
一切都按照文档中的说明进行设置。单击 'Add' 时,请求无法完成,因为它因 CORS 策略而被阻止。
Access to XMLHttpRequest at 'http://localhost:39090/bookings' from origin 'http://localhost.com:8080' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
我添加了以下内容
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.allowOrigin</param-name>
<param-value>*</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
到文件
CARBON_HOME\repository\deployment\server\webapps\oauth2\WEB-INF\web.xml
TOMCAT_HOME\webapps\pickup-dispatch\WEB-INF\web.xml
如本文所述posthttp://hasanthipurnima.blogspot.com/2016/05/applying-cors-filter-to-wso2-identity.html
但是,我仍然收到错误。这是请求头
更新: 这是出现CORS问题时记录的错误日志
G:\wso2>java -jar backend-service.jar -introspectionEnabled true
2020-06-09 11:43:24 INFO BookingService:47 - Service properties loaded successfully.
2020-06-09 11:43:24 INFO BookingService:84 - Setting trust store path to : C:\Users\tvenna\AppData\Local\Temp\wso2carbon.jks3555396828881642435
2020-06-09 11:43:24 INFO BookingService:109 - Starting backend service.
2020-06-09 11:43:24 INFO BookingService:110 - Configurations :
2020-06-09 11:43:24 INFO BookingService:113 - port: 39090
2020-06-09 11:43:24 INFO BookingService:113 - introspectionEndpoint: https://localhost:9443/oauth2/introspect
2020-06-09 11:43:24 INFO BookingService:113 - introspectionEnabled: true
2020-06-09 11:43:24 INFO MicroservicesRunner:309 - Microservices server started in 267ms
2020-06-09 11:43:24 INFO ServerConnectorBootstrap$HTTPServerConnector:207 - HTTP(S) Interface starting on host 0.0.0.0 and port 39090
2020-06-09 11:43:46 INFO BookingService:66 - OPTIONS /bookings
2020-06-09 11:43:46 INFO BookingService:80 - GET /bookings
2020-06-09 11:43:46 ERROR IntrospectionHandler:107 - Error while calling token introspection endpoint
java.io.IOException: Server returned HTTP response code: 403 for URL: https://localhost:9443/oauth2/introspect
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at org.wso2.sample.identity.backend.IntrospectionHandler.getIntrospectionResponse(IntrospectionHandler.java:95)
at org.wso2.sample.identity.backend.IntrospectionHandler.isAuthorized(IntrospectionHandler.java:65)
at org.wso2.sample.identity.backend.BookingService.bookingsGet(BookingService.java:83)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.wso2.msf4j.internal.router.HttpMethodInfo.invokeResource(HttpMethodInfo.java:187)
at org.wso2.msf4j.internal.router.HttpMethodInfo.invoke(HttpMethodInfo.java:143)
at org.wso2.msf4j.internal.MSF4JHttpConnectorListener.dispatchMethod(MSF4JHttpConnectorListener.java:218)
at org.wso2.msf4j.internal.MSF4JHttpConnectorListener.lambda$onMessage(MSF4JHttpConnectorListener.java:129)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
2020-06-09 11:43:46 WARN MSF4JHttpConnectorListener:243 - Unmapped exception
java.lang.RuntimeException: java.io.IOException: Server returned HTTP response code: 403 for URL: https://localhost:9443/oauth2/introspect
at org.wso2.sample.identity.backend.IntrospectionHandler.getIntrospectionResponse(IntrospectionHandler.java:108)
at org.wso2.sample.identity.backend.IntrospectionHandler.isAuthorized(IntrospectionHandler.java:65)
at org.wso2.sample.identity.backend.BookingService.bookingsGet(BookingService.java:83)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.wso2.msf4j.internal.router.HttpMethodInfo.invokeResource(HttpMethodInfo.java:187)
at org.wso2.msf4j.internal.router.HttpMethodInfo.invoke(HttpMethodInfo.java:143)
at org.wso2.msf4j.internal.MSF4JHttpConnectorListener.dispatchMethod(MSF4JHttpConnectorListener.java:218)
at org.wso2.msf4j.internal.MSF4JHttpConnectorListener.lambda$onMessage(MSF4JHttpConnectorListener.java:129)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.io.IOException: Server returned HTTP response code: 403 for URL: https://localhost:9443/oauth2/introspect
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at org.wso2.sample.identity.backend.IntrospectionHandler.getIntrospectionResponse(IntrospectionHandler.java:95)
... 13 more
将以下内容添加到 CARBON_HOME\repository\resources\conf\templates\repository\conf\tomcat\web.xml.j2
<filter>
<filter-name>CORS</filter-name>
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
<init-param>
<param-name>cors.allowOrigin</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.supportedMethods</param-name>
<param-value>GET, HEAD, POST, DELETE, OPTIONS, PATCH, PUT</param-value>
</init-param>
<init-param>
<param-name>cors.exposedHeaders</param-name>
<param-value>Location</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CORS</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
重新启动 IS 和 tomcat,问题仍然存在。 在 Chrome 和 Firefox 浏览器中测试。
从您更新的堆栈跟踪中,我可以看到当后端服务尝试对 WSO2 身份服务器进行内省调用时会出现问题。此内省调用使用它正在内省的令牌作为调用它自己的授权。为此,需要使用范围 internal_application_mgt_view 获取令牌。但目前,取件-调度应用程序仅请求 openid 范围内的令牌。
要解决此问题,请在文本编辑器中打开 /pickup-dispatch/WEB-INF/classes 目录中的 dispatch.properties 文件并编辑scope 属性 如下所示。
scope=openid internal_application_mgt_view
重新启动您的 Tomcat 服务器并重试。
希望对您有所帮助!