Spring Boot OAuth:不支持的授权类型 [英] Spring boot oauth: unsupported grant type
本文介绍了Spring Boot OAuth:不支持的授权类型的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
请帮助我...不受支持的赠款类型使我发疯..
我的春季启动设置看起来像这样。
please help me... unsupported grant type makes me crazy.. my spring boot settings look like this.
@Configuration
@EnableAuthorizationServer
public class AuthServerConfig extends AuthorizationServerConfigurerAdapter{
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
// TODO Auto-generated method stub
super.configure(endpoints);
}
@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
// TODO Auto-generated method stub
security
/*.tokenKeyAccess("permitAll()")*/
.checkTokenAccess("isAuthenticated()");
}
@Bean
public TokenStore tokenStore() {
return new JwtTokenStore(jwtAccessTokenConverter());
}
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
return new JwtAccessTokenConverter();
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
// TODO Auto-generated method stub
clients.inMemory()
.withClient("foo")
.secret("{noop}bar")
.authorizedGrantTypes("password", "authorization_code", "refresh_token","client_credentials")
.authorities("ROLE_CLIENT","ROLE_TRUSTED_CLIENT")
.scopes("read", "write","trust","openid")
.accessTokenValiditySeconds(120).//Access token is only valid for 2 minutes.
refreshTokenValiditySeconds(600);//Refresh token is only valid for 10 minutes.
}
}
这是邮递员测试的结果,总是返回不受支持的授权类型密码
and this is result of postman test that always return unsupported grant type 'password'
推荐答案
(如果您使用的是 grant_type = password ,您必须:
if you are using grant_type="password", you have to :
在您自己的 WebSecurityConfigurerAdapter
中创建以下bean class
create below bean in your own WebSecurityConfigurerAdapter
class
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
将其注入 AuthorizationServerConfigurerAdapter
类
@Autowired
private AuthenticationManager authenticationManager;
在 configure(AuthorizationServerEndpointsConfigurer端点)中使用它
方法
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
endpoints.authenticationManager(authenticationManager);
}
完整示例:
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Bean
@Override
protected UserDetailsService userDetailsService(){
InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
manager.createUser(User.withUsername("a").password("123456").authorities("USER").build());
return manager;
}
}
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
private AuthenticationManager authenticationManager;
@Autowired
public AuthorizationServerConfig(AuthenticationManager authenticationManager) {
this.authenticationManager = authenticationManager;
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
endpoints.authenticationManager(authenticationManager);
}
@Override
public void configure(AuthorizationServerSecurityConfigurer security) {
security.tokenKeyAccess("permitAll()")
.checkTokenAccess("isAuthenticated()")
.allowFormAuthenticationForClients();
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.inMemory()
.withClient("CLIEN_ID").secret("CLIENT_SECRET")
.authorizedGrantTypes("password", "refresh_token")
.authorities("CLIENT")
.scopes("read");
}
}
测试:
curl -i -X POST -d "username=a&password=123456&grant_type=password&client_id=CLIENT_ID&client_secret=CLIENT_SECRET" http://localhost:8080/oauth/token
这篇关于Spring Boot OAuth:不支持的授权类型的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文