Spring OAuth2:如何使用 java 配置允许密码授予类型?
Spring OAuth2: How do I allow password grant type using java configuration?
在我的 java 服务器应用程序中,尝试使用密码授予流程进行身份验证时出现以下错误:
TokenEndpoint - Handling error: InvalidClientException, Unauthorized grant type: password
我确实为相关用户明确允许了授权:
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.inMemory()
.withClient("officialclient")
.authorizedGrantTypes("authorization_code, refresh_token, password")
.authorities("ROLE_CLIENT")
.scopes("read", "write")
.resourceIds(RESOURCE_ID)
.secret("officialclientsecret")
.redirectUris("https://www.someurl.com/")
}
我正在使用以下代码检索访问令牌:
ResourceOwnerPasswordResourceDetails resourceDetails = new ResourceOwnerPasswordResourceDetails();
resourceDetails.setClientAuthenticationScheme(AuthenticationScheme.header);
resourceDetails.setAccessTokenUri("http://localhost:8080/organizer/oauth/token");
resourceDetails.setScope(Arrays.asList("read", "write"));
resourceDetails.setId("resource");
resourceDetails.setClientId("officialclient");
resourceDetails.setClientSecret("officialclientsecret");
resourceDetails.setUsername("Paul");
resourceDetails.setPassword("password");
OAuth2RestTemplate template = new OAuth2RestTemplate(resourceDetails, context);
return template.getAccessToken().getValue();
是否有允许密码授予类型的全局设置?
您应该使用 变量参数 ,而不是像您那样使用逗号分隔的字符串值:
.authorizedGrantTypes("authorization_code, refresh_token, password")
替换为:
.authorizedGrantTypes("authorization_code", "refresh_token", "password")
您需要向 AuthorizationServerEndpointsConfigurer
提供 AuthenticationManager
。更多信息 here 在授权类型下。示例:
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.authenticationManager(authenticationManager);
}
如果你想使用spring boot提供的默认管理器用于开发目的,你可以像这样获取bean:
@Component
@EnableAuthorizationServer
public class MyAuthorizationServerConfigurer extends AuthorizationServerConfigurerAdapter {
private final AuthenticationManager authenticationManager;
public MyAuthorizationServerConfigurer(AuthenticationConfiguration authenticationConfiguration) throws Exception {
this.authenticationManager = authenticationConfiguration.getAuthenticationManager();
}
}
在我的 java 服务器应用程序中,尝试使用密码授予流程进行身份验证时出现以下错误:
TokenEndpoint - Handling error: InvalidClientException, Unauthorized grant type: password
我确实为相关用户明确允许了授权:
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.inMemory()
.withClient("officialclient")
.authorizedGrantTypes("authorization_code, refresh_token, password")
.authorities("ROLE_CLIENT")
.scopes("read", "write")
.resourceIds(RESOURCE_ID)
.secret("officialclientsecret")
.redirectUris("https://www.someurl.com/")
}
我正在使用以下代码检索访问令牌:
ResourceOwnerPasswordResourceDetails resourceDetails = new ResourceOwnerPasswordResourceDetails();
resourceDetails.setClientAuthenticationScheme(AuthenticationScheme.header);
resourceDetails.setAccessTokenUri("http://localhost:8080/organizer/oauth/token");
resourceDetails.setScope(Arrays.asList("read", "write"));
resourceDetails.setId("resource");
resourceDetails.setClientId("officialclient");
resourceDetails.setClientSecret("officialclientsecret");
resourceDetails.setUsername("Paul");
resourceDetails.setPassword("password");
OAuth2RestTemplate template = new OAuth2RestTemplate(resourceDetails, context);
return template.getAccessToken().getValue();
是否有允许密码授予类型的全局设置?
您应该使用 变量参数 ,而不是像您那样使用逗号分隔的字符串值:
.authorizedGrantTypes("authorization_code, refresh_token, password")
替换为:
.authorizedGrantTypes("authorization_code", "refresh_token", "password")
您需要向 AuthorizationServerEndpointsConfigurer
提供 AuthenticationManager
。更多信息 here 在授权类型下。示例:
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.authenticationManager(authenticationManager);
}
如果你想使用spring boot提供的默认管理器用于开发目的,你可以像这样获取bean:
@Component
@EnableAuthorizationServer
public class MyAuthorizationServerConfigurer extends AuthorizationServerConfigurerAdapter {
private final AuthenticationManager authenticationManager;
public MyAuthorizationServerConfigurer(AuthenticationConfiguration authenticationConfiguration) throws Exception {
this.authenticationManager = authenticationConfiguration.getAuthenticationManager();
}
}