如何在helidon中使用OIDC断言OAM令牌？

Question

如何在helidon中使用OIDC断言OAM令牌？

我试图断言OAM令牌，但得到如下所示的错误，并且我尝试断言IDCS令牌，它工作正常

Exception in thread “main” io.helidon.common.Errors$ErrorMessagesException: [FATAL: Failed to load metadata: io.helidon.common.configurable.ResourceException: Failed to open stream to uri: https://{{OAM_host}}:{{port}}/.well-known/openid-configuration at io.helidon.common.configurable.ResourceException: Failed to open stream to uri: https://{{OAM_host}}:{{port}}/.well-known/openid-configuration, FATAL: When token_endpoint is not explicitly defined, the OIDC metadata must exist at class io.helidon.security.providers.oidc.common.OidcConfig$Builder, FATAL: When authorization_endpoint is not explicitly defined, the OIDC metadata must exist at class io.helidon.security.providers.oidc.common.OidcConfig$Builder, FATAL: When jwks_uri is not explicitly defined, the OIDC metadata must exist at class io.helidon.security.providers.oidc.common.OidcConfig$Builder]

并在application.properties中添加了OAM详细信息：

providers:
    - abac:
    - oidc:
        client-id: "${ALIAS=security.properties.client-id}"
        client-secret: "${ALIAS=security.properties.client-secret}"
        identity-uri: "${ALIAS=security.properties.uri}"
        # A prefix used for custom scopes
        scope-audience: "${ALIAS=security.properties.scope-audience}"
        audience: "${ALIAS=security.properties.audience}"
        proxy-host: "${ALIAS=security.properties.proxy-host}"
        frontend-uri: "${ALIAS=security.properties.frontend-uri}"
        cookie-name: "OIDC_SESSION"
        cookie-same-site: "Lax"
        header-use: true
        redirect: false

我是不是漏掉了什么？

Answer 1

如果您查看您的异常，它会指出端点无效：

https://{{OAM_host}}:{{port}}/.well-known/openid-configuration

这意味着您的配置包含{{OAM_host}}和{{port}} -这些占位符不会被Helidon配置替换。

在Helidon1.x中，您可以使用${ALIAS=key}来引用键

从Helidon2.0.0-M2开始，您可以使用${key}引用密钥