notfound403 / id-server


An OAuth2 Authorization Server, based on Spring Authorization Server

License: Apache License 2.0

Java 2.50% HTML 1.69% JavaScript 90.81% CSS 5.00%

id-server's Introduction

Please stop asking how to separate the front end from the back end; issues of that kind will be closed directly.

🚀Id Server

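Id Server is an open-source authorization server based on Spring Authorization Server. Pull the code and run it directly, with little configuration needed. Stars are welcome, and if you are interested you can also contribute to this project.

Main features

  • Works out of the box; only a small amount of configuration is needed.
  • Create OAuth2 clients and manage them.
  • Provides OAuth2 authorization services.
  • Supports four client authentication methods:
    • CLIENT_SECRET_BASIC
    • CLIENT_SECRET_POST
    • CLIENT_SECRET_JWT
    • PRIVATE_KEY_JWT
  • Supports three OAuth2 grant types:
    • AUTHORIZATION_CODE
    • CLIENT_CREDENTIALS
    • REFRESH_TOKEN
  • Supports the following user authentication methods:
    • Username and password login
    • Mobile number and verification code login
    • Mini program login
  • OIDC 1.0 support (being completed).
  • One-click generation of the configuration yaml file.
  • Provides a UI console to lower the barrier to getting started.
  • Administrator user roles can be adjusted dynamically, giving button-level permission control over the authorization server.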

Environment and technology

  • Java 8 and above
  • Spring Boot
  • Spring Security
  • Spring Authorization Server
  • Spring Data JPA
  • pear admin layui
  • thymeleaf
  • Database
    • H2
    • Mysql

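Basic usage

  • Pull the latest code of the main branch to your local machine.
  • Start the authorization server through IdServerApplication. The local login path of the management console is http://localhost:9000/system/login; the user with the highest privileges is root, and the password is idserver.
  • As the root user you can do the following:
    • Create roles (role management) and bind permissions to them.
    • Create console administrative users (user management) and assign roles to them.

The logout function is not yet complete; to clear the session you need to close the browser.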

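OAuth2 testing

  • Start Id Server. By default, a built-in OAuth2 client is provided in the client list.
  • The sample client is in the samples folder. Start it directly, open http://127.0.0.1:8082/foo/bar (as given in the configuration file) in the browser to reach the login page, and enter the username user and the password user.
  • You can also create a client in Id Server and model its configuration on the DEMO, mainly changing client-id, client-secret, client-authentication-method and scope. Unless you know OAuth2 fairly well, leave the other options alone for now; you can also ask through an issue.

The redirect-uri must be declared when the client is registered with the authorization server Id Server.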

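How to replace the built-in user user

First, distinguish correctly between the two concepts of administrative users and ordinary users.

Administrative users

root and the users it creates are the administrative users of the UI console. The super administrator root is the default user currently provided and has the highest privileges in Id Server. If you need to customize this, implement the RootUserDetailsService interface and inject it into Spring IoC.

Ordinary users

An ordinary user is the resource owner in OAuth2, whose main job is to authorize the authorization requests of OAuth2 clients. A user named user is provided by default for demonstration; developers can implement the OAuth2UserDetailsService interface and inject it into Spring IoC to customize where users come from.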

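Mobile number and verification code login

OAuth2 authorization now includes mobile number and verification code login, inspired by the extension package, without affecting the original OAuth2 authorization flow. The resource owner can choose the authentication method on the page below:

Disabling the verification code authentication method

If you do not use the verification code authentication method, you can adjust it through the enableCaptchaLogin parameter of the OAuth2LoginController#oauth2LoginPage endpoint; the default value is true (enabled).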

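Environments

Id Server currently provides two database environments, H2 and Mysql, corresponding to the two configuration files application-h2.yml and application-mysql.yml.

  • H2, the default database. In the H2 environment the database DDL and DML scripts are executed automatically, with no manual step by the developer. This environment is mainly for testing, research and learning.
  • Mysql, recommended for production. On first startup the developer runs the initialization DML script manually.

The two environments currently behave the same. With H2, tables can be lost after a long time. When switching, be sure to replace the corresponding database driver dependency in pom.xml.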

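Screenshots

Console login, Home, Creating an OAuth2 client through the UI, Creating an administrative user, One-click configuration generation, Role authorization, Authorization login, Authorization consent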

id-server's People

Contributors

notfound403, runronger, zhengchalei

id-server's Issues

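How does id-server integrate with existing permissions?

The current project already has permission management (based on RBAC) and needs to open some APIs to third parties. How does id-server integrate with the existing permissions?

id-server has an oauth2_scope table -> could the scope field be mapped to the permission roles of the existing system, so that the third party then has access?

[Feature] Add IDP authentication

First, kudos for the project, it is very well done! I would like an entry point for IDP authentication similar to keycloak, for example configuring third-party logins such as DingTalk/Feishu/gitee/WeChat. Is there any plan to develop this?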

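[BUG] Requesting a resource through the gateway, the server returns 500

[Local environment] JDK11, Win10, IDEA 2022.1, Mysql 8.0, latest Chrome
[Expected result] After login and authorization consent, the resource is returned
[Actual result] The authorization server backend reports an error; the error message is as follows: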
`Hibernate: select authorizat0_.id as id1_0_, authorizat0_.access_token_expires_at as access_t2_0_, authorizat0_.access_token_issued_at as access_t3_0_, authorizat0_.access_token_metadata as access_t4_0_, authorizat0_.access_token_scopes as access_t5_0_, authorizat0_.access_token_type as access_t6_0_, authorizat0_.access_token_value as access_t7_0_, authorizat0_.attributes as attribut8_0_, authorizat0_.authorization_code_expires_at as authoriz9_0_, authorizat0_.authorization_code_issued_at as authori10_0_, authorizat0_.authorization_code_metadata as authori11_0_, authorizat0_.authorization_code_value as authori12_0_, authorizat0_.authorization_grant_type as authori13_0_, authorizat0_.oidc_id_token_claims as oidc_id14_0_, authorizat0_.oidc_id_token_expires_at as oidc_id15_0_, authorizat0_.oidc_id_token_issued_at as oidc_id16_0_, authorizat0_.oidc_id_token_metadata as oidc_id17_0_, authorizat0_.oidc_id_token_value as oidc_id18_0_, authorizat0_.principal_name as princip19_0_, authorizat0_.refresh_token_expires_at as refresh20_0_, authorizat0_.refresh_token_issued_at as refresh21_0_, authorizat0_.refresh_token_metadata as refresh22_0_, authorizat0_.refresh_token_value as refresh23_0_, authorizat0_.registered_client_id as registe24_0_, authorizat0_.state as state25_0_ from authorization authorizat0_ where authorizat0_.state=?
Hibernate: select oauth2clie0_.id as id1_4_0_, clientauth1_.client_authentication_method as client_a1_2_1_, clientauth1_.client_id as client_i2_2_1_, oauth2toke2_.client_id as client_i1_8_2_, redirectur3_.client_id as client_i1_10_3_, redirectur3_.redirect_uri as redirect2_10_3_, authorizat4_.client_id as client_i1_6_4_, authorizat4_.grant_type_name as grant_ty2_6_4_, oauth2clie5_.client_id as client_i1_5_5_, scopes6_.client_id as client_i1_7_6_, scopes6_.scope as scope2_7_6_, oauth2clie0_.client_id as client_i2_4_0_, oauth2clie0_.client_id_issued_at as client_i3_4_0_, oauth2clie0_.client_name as client_n4_4_0_, oauth2clie0_.client_secret as client_s5_4_0_, oauth2clie0_.client_secret_expires_at as client_s6_4_0_, clientauth1_.client_id as client_i2_2_0__, clientauth1_.client_authentication_method as client_a1_2_0__, oauth2toke2_.access_token_time_to_live as access_t2_8_2_, oauth2toke2_.id_token_signature_algorithm as id_token3_8_2_, oauth2toke2_.refresh_token_time_to_live as refresh_4_8_2_, oauth2toke2_.reuse_refresh_tokens as reuse_re5_8_2_, oauth2toke2_.token_format as token_fo6_8_2_, redirectur3_.client_id as client_i1_10_1__, redirectur3_.redirect_uri as redirect2_10_1__, authorizat4_.client_id as client_i1_6_2__, authorizat4_.grant_type_name as grant_ty2_6_2__, oauth2clie5_.jwk_set_url as jwk_set_2_5_5_, oauth2clie5_.require_authorization_consent as require_3_5_5_, oauth2clie5_.require_proof_key as require_4_5_5_, oauth2clie5_.signing_algorithm as signing_5_5_5_, scopes6_.description as descript3_7_6_, scopes6_.client_id as client_i1_7_3__, scopes6_.scope as scope2_7_3__ from oauth2_client oauth2clie0_ left outer join client_auth_method clientauth1_ on oauth2clie0_.client_id=clientauth1_.client_id left outer join oauth2_token_settings oauth2toke2_ on oauth2clie0_.client_id=oauth2toke2_.client_id left outer join redirect_uri redirectur3_ on oauth2clie0_.client_id=redirectur3_.client_id left outer join oauth2_grant_type authorizat4_ on 
oauth2clie0_.client_id=authorizat4_.client_id left outer join oauth2_client_settings oauth2clie5_ on oauth2clie0_.client_id=oauth2clie5_.client_id left outer join oauth2_scope scopes6_ on oauth2clie0_.client_id=scopes6_.client_id where oauth2clie0_.id=?
2022-05-16 16:07:13.493 ERROR 27552 --- [nio-9000-exec-2] o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception

java.lang.IllegalArgumentException: The class with cn.felord.idserver.entity.UserInfo and name of cn.felord.idserver.entity.UserInfo is not in the allowlist. If you believe this class is safe to deserialize, please provide an explicit mapping using Jackson annotations or by providing a Mixin. If the serialization is only done by a trusted source, you can also enable default typing. See spring-projects/spring-security#4370 for details
at cn.felord.idserver.service.JpaOAuth2AuthorizationService.parseMap(JpaOAuth2AuthorizationService.java:240) ~[classes/:na]
at cn.felord.idserver.service.JpaOAuth2AuthorizationService.lambda$toObject$0(JpaOAuth2AuthorizationService.java:120) ~[classes/:na]
at org.springframework.security.oauth2.server.authorization.OAuth2Authorization$Builder.attributes(OAuth2Authorization.java:504) ~[spring-security-oauth2-authorization-server-0.2.3.jar:0.2.3]
at cn.felord.idserver.service.JpaOAuth2AuthorizationService.toObject(JpaOAuth2AuthorizationService.java:120) ~[classes/:na]
at java.base/java.util.Optional.map(Optional.java:265) ~[na:na]
at cn.felord.idserver.service.JpaOAuth2AuthorizationService.findByToken(JpaOAuth2AuthorizationService.java:106) ~[classes/:na]
at org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationProvider.authenticateAuthorizationConsent(OAuth2AuthorizationCodeRequestAuthenticationProvider.java:327) ~[spring-security-oauth2-authorization-server-0.2.3.jar:0.2.3]
at org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationProvider.authenticate(OAuth2AuthorizationCodeRequestAuthenticationProvider.java:121) ~[spring-security-oauth2-authorization-server-0.2.3.jar:0.2.3]
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:182) ~[spring-security-core-5.6.2.jar:5.6.2]
at org.springframework.security.oauth2.server.authorization.web.OAuth2AuthorizationEndpointFilter.doFilterInternal(OAuth2AuthorizationEndpointFilter.java:149) ~[spring-security-oauth2-authorization-server-0.2.3.jar:0.2.3]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.18.jar:5.3.18]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:103) ~[spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:89) ~[spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:117) ~[spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.18.jar:5.3.18]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90) ~[spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75) ~[spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.18.jar:5.3.18]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.oauth2.server.authorization.web.ProviderContextFilter.doFilterInternal(ProviderContextFilter.java:63) ~[spring-security-oauth2-authorization-server-0.2.3.jar:0.2.3]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.18.jar:5.3.18]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110) ~[spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80) ~[spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:55) ~[spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.18.jar:5.3.18]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:211) ~[spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:183) ~[spring-security-web-5.6.2.jar:5.6.2]
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:354) ~[spring-web-5.3.18.jar:5.3.18]
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267) ~[spring-web-5.3.18.jar:5.3.18]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-5.3.18.jar:5.3.18]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.18.jar:5.3.18]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) ~[spring-web-5.3.18.jar:5.3.18]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.18.jar:5.3.18]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:96) ~[spring-boot-actuator-2.6.6.jar:2.6.6]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.18.jar:5.3.18]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) ~[spring-web-5.3.18.jar:5.3.18]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.18.jar:5.3.18]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:360) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:399) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:889) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1743) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-embed-core-9.0.60.jar:9.0.60]
at java.base/java.lang.Thread.run(Thread.java:834) ~[na:na]
Caused by: java.lang.IllegalArgumentException: The class with cn.felord.idserver.entity.UserInfo and name of cn.felord.idserver.entity.UserInfo is not in the allowlist. If you believe this class is safe to deserialize, please provide an explicit mapping using Jackson annotations or by providing a Mixin. If the serialization is only done by a trusted source, you can also enable default typing. See spring-projects/spring-security#4370 for details
at org.springframework.security.jackson2.SecurityJackson2Modules$AllowlistTypeIdResolver.typeFromId(SecurityJackson2Modules.java:253) ~[spring-security-core-5.6.2.jar:5.6.2]
at com.fasterxml.jackson.databind.jsontype.impl.TypeDeserializerBase._findDeserializer(TypeDeserializerBase.java:159) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at com.fasterxml.jackson.databind.jsontype.impl.AsPropertyTypeDeserializer._deserializeTypedForId(AsPropertyTypeDeserializer.java:125) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at com.fasterxml.jackson.databind.jsontype.impl.AsPropertyTypeDeserializer.deserializeTypedFromObject(AsPropertyTypeDeserializer.java:110) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at com.fasterxml.jackson.databind.jsontype.impl.AsPropertyTypeDeserializer.deserializeTypedFromAny(AsPropertyTypeDeserializer.java:213) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at com.fasterxml.jackson.databind.deser.std.UntypedObjectDeserializer$Vanilla.deserializeWithType(UntypedObjectDeserializer.java:781) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at com.fasterxml.jackson.databind.deser.impl.TypeWrappedDeserializer.deserialize(TypeWrappedDeserializer.java:74) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at com.fasterxml.jackson.databind.deser.DefaultDeserializationContext.readRootValue(DefaultDeserializationContext.java:322) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at com.fasterxml.jackson.databind.ObjectMapper._readValue(ObjectMapper.java:4650) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:2831) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at org.springframework.security.jackson2.UsernamePasswordAuthenticationTokenDeserializer.getPrincipal(UsernamePasswordAuthenticationTokenDeserializer.java:104) ~[spring-security-core-5.6.2.jar:5.6.2]
at org.springframework.security.jackson2.UsernamePasswordAuthenticationTokenDeserializer.deserialize(UsernamePasswordAuthenticationTokenDeserializer.java:75) ~[spring-security-core-5.6.2.jar:5.6.2]
at org.springframework.security.jackson2.UsernamePasswordAuthenticationTokenDeserializer.deserialize(UsernamePasswordAuthenticationTokenDeserializer.java:51) ~[spring-security-core-5.6.2.jar:5.6.2]
at com.fasterxml.jackson.databind.jsontype.impl.AsPropertyTypeDeserializer._deserializeTypedForId(AsPropertyTypeDeserializer.java:144) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at com.fasterxml.jackson.databind.jsontype.impl.AsPropertyTypeDeserializer.deserializeTypedFromObject(AsPropertyTypeDeserializer.java:110) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at com.fasterxml.jackson.databind.jsontype.impl.AsPropertyTypeDeserializer.deserializeTypedFromAny(AsPropertyTypeDeserializer.java:213) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at com.fasterxml.jackson.databind.deser.std.UntypedObjectDeserializer$Vanilla.deserializeWithType(UntypedObjectDeserializer.java:781) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at com.fasterxml.jackson.databind.deser.impl.TypeWrappedDeserializer.deserialize(TypeWrappedDeserializer.java:74) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at com.fasterxml.jackson.databind.deser.DefaultDeserializationContext.readRootValue(DefaultDeserializationContext.java:322) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at com.fasterxml.jackson.databind.ObjectMapper._readValue(ObjectMapper.java:4650) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:2831) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at org.springframework.security.oauth2.server.authorization.jackson2.UnmodifiableMapDeserializer.deserialize(UnmodifiableMapDeserializer.java:52) ~[spring-security-oauth2-authorization-server-0.2.3.jar:0.2.3]
at org.springframework.security.oauth2.server.authorization.jackson2.UnmodifiableMapDeserializer.deserialize(UnmodifiableMapDeserializer.java:42) ~[spring-security-oauth2-authorization-server-0.2.3.jar:0.2.3]
at com.fasterxml.jackson.databind.jsontype.impl.AsPropertyTypeDeserializer._deserializeTypedForId(AsPropertyTypeDeserializer.java:144) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at com.fasterxml.jackson.databind.jsontype.impl.AsPropertyTypeDeserializer.deserializeTypedFromObject(AsPropertyTypeDeserializer.java:110) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at com.fasterxml.jackson.databind.deser.std.MapDeserializer.deserializeWithType(MapDeserializer.java:482) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at com.fasterxml.jackson.databind.deser.impl.TypeWrappedDeserializer.deserialize(TypeWrappedDeserializer.java:74) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at com.fasterxml.jackson.databind.deser.DefaultDeserializationContext.readRootValue(DefaultDeserializationContext.java:322) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4674) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3629) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3612) ~[jackson-databind-2.13.2.2.jar:2.13.2.2]
at cn.felord.idserver.service.JpaOAuth2AuthorizationService.parseMap(JpaOAuth2AuthorizationService.java:237) ~[classes/:na]
... 68 common frames omitted

`
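The exception in the report above is raised by the type allowlist that Spring Security's Jackson modules apply when stored authorization attributes are read back, and the message names a Mixin as one way to map a custom principal class explicitly. As an added example (not code from the project or from the reporter), the following registers such a Mixin on a mapper configured with the same modules that appear in the stack trace; `DemoUserInfo`, `DemoUserInfoMixin` and `buildMapper` are hypothetical names standing in for the application's own principal class and mapper setup.

```java
import com.fasterxml.jackson.annotation.JsonAutoDetect;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonTypeInfo;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.security.jackson2.SecurityJackson2Modules;
import org.springframework.security.oauth2.server.authorization.jackson2.OAuth2AuthorizationServerJackson2Module;

import java.util.HashMap;
import java.util.Map;

public class AuthorizationAttributesMapperDemo {

    // Hypothetical stand-in for the application's principal class
    // (the class the allowlist rejected in the report is the project's own).
    public static class DemoUserInfo {
        private String username;
        private boolean enabled;

        public DemoUserInfo() { }                 // no-arg constructor used by Jackson

        public DemoUserInfo(String username, boolean enabled) {
            this.username = username;
            this.enabled = enabled;
        }

        public String getUsername() { return username; }
        public boolean isEnabled() { return enabled; }
    }

    // Mixin: an explicit, per-class mapping. Its presence is what tells the
    // allowlist resolver that this one class is approved for deserialization.
    @JsonTypeInfo(use = JsonTypeInfo.Id.CLASS)
    @JsonAutoDetect(fieldVisibility = JsonAutoDetect.Visibility.ANY,
            getterVisibility = JsonAutoDetect.Visibility.NONE,
            isGetterVisibility = JsonAutoDetect.Visibility.NONE)
    @JsonIgnoreProperties(ignoreUnknown = true)
    abstract static class DemoUserInfoMixin { }

    static ObjectMapper buildMapper() {
        ObjectMapper mapper = new ObjectMapper();
        ClassLoader classLoader = AuthorizationAttributesMapperDemo.class.getClassLoader();
        // These modules install allowlisted default typing on the mapper.
        mapper.registerModules(SecurityJackson2Modules.getModules(classLoader));
        mapper.registerModule(new OAuth2AuthorizationServerJackson2Module());
        // Approve exactly one extra class instead of switching to unrestricted
        // default typing, which would accept any class name found in the stored JSON.
        mapper.addMixIn(DemoUserInfo.class, DemoUserInfoMixin.class);
        return mapper;
    }

    public static void main(String[] args) throws Exception {
        ObjectMapper mapper = buildMapper();

        // Constructed sample: an attributes map holding a custom principal object.
        Map<String, Object> attributes = new HashMap<>();
        attributes.put("principal", new DemoUserInfo("user", true));

        // Write the map to JSON and read it back, as a persistent
        // authorization service does with its attributes column.
        String json = mapper.writeValueAsString(attributes);
        Map<String, Object> restored =
                mapper.readValue(json, new TypeReference<Map<String, Object>>() { });

        DemoUserInfo principal = (DemoUserInfo) restored.get("principal");
        System.out.println(json);
        System.out.println(principal.getUsername() + " enabled=" + principal.isEnabled());
    }
}
```

Removing the `addMixIn` call reproduces the "is not in the allowlist" `IllegalArgumentException` on the `readValue` call.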

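Flow fails after changing the client's grant type to refresh_token

The client was configured with all grant types; changing the authorization configuration on the client side to authorization-grant-type: refresh_token causes a problem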

{"oAuth2AuthorizedClient":null,"authentication":{"authorities":[{"authority":"ROLE_ANONYMOUS"}],"details":{"remoteAddress":"127.0.0.1","sessionId":"723ABDC991973F7DF20348D9B6D3849C"},"authenticated":true,"principal":"anonymousUser","keyHash":-1176455732,"credentials":"","name":"anonymousUser"}}

Could not resolve placeholder 'server.port' in value "${server.port}"

org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authorizationServerSecurityFilterChain' defined in class path resource [cn/felord/idserver/configure/IdServerSecurityConfiguration$AuthorizationServerConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.web.SecurityFilterChain]: Factory method 'authorizationServerSecurityFilterChain' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jwkSource' defined in class path resource [cn/felord/idserver/configure/JwtConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [com.nimbusds.jose.jwk.source.JWKSource]: Factory method 'jwkSource' threw exception; nested exception is java.io.FileNotFoundException: class path resource [jose.jks] cannot be opened because it does not exist

Injected class not found at startup

Parameter 1 of constructor in cn.felord.idserver.service.JpaRegisteredClientRepository required a bean of type 'cn.felord.idserver.mapstruct.OAuth2ClientMapper' that could not be found.

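[Feature] Add C/S client login

Support C/S client login similar to Keycloak's. There could be two approaches:
1. The client redirects to the browser to complete the login; after a successful login the user information is returned to the client. The browser side maintains the session.
2. The client switches to the browser to obtain a Code; the client then uses the code to log in

Add a login page

Rework and polish it with the Spring Security login page as a reference. It needs to adapt dynamically; for oauth2 it should adapt to the oauth2 style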
