1. 首页
  2. 问答
  3. 春天的oauth2/OAuth的/凭证无效的凭证

春天的oauth2/OAuth的/凭证无效的凭证

2017-04-06 118 views
0

这里是我的Application.java春天的oauth2/OAuth的/凭证无效的凭证

@SpringBootApplication 
@RestController 
@EnableResourceServer 
@EnableAuthorizationServer 
public class Application { 

    @RequestMapping(value = { "/user" }, produces = "application/json") 
    public Map<String, Object> user(OAuth2Authentication user) { 
     Map<String, Object> userInfo = new HashMap<>(); 
     userInfo.put("user", user.getUserAuthentication().getPrincipal()); 
     userInfo.put("authorities", AuthorityUtils.authorityListToSet(user.getUserAuthentication().getAuthorities())); 
     return userInfo; 
    } 


    public static void main(String[] args) { 
     SpringApplication.run(Application.class, args); 
    } 


}

WebSecurityConfigurer.java

@Configuration 
public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter { 
    @Override 
    @Bean 
    public AuthenticationManager authenticationManagerBean() throws Exception { 
     return super.authenticationManagerBean(); 
    } 
    @Override 
    protected void configure(HttpSecurity http) throws Exception { 
     http.csrf().disable().authorizeRequests() 
       .antMatchers("/oauth/token").permitAll().anyRequest().authenticated().and().formLogin().and().httpBasic(); 
    } 

    @Override 
    @Bean 
    public UserDetailsService userDetailsServiceBean() throws Exception { 
     return super.userDetailsServiceBean(); 
    } 

    @Override 
    protected void configure(AuthenticationManagerBuilder auth) throws Exception { 
     auth 
       .inMemoryAuthentication() 
       .withUser("john.carnell").password("password1").roles("USER") 
       .and() 
       .withUser("william.woodward").password("password2").roles("USER", "ADMIN"); 
    } 
}

我Oauth2Config

@Configuration 
public class OAuth2Config extends AuthorizationServerConfigurerAdapter { 

    @Autowired 
    private AuthenticationManager authenticationManager; 

    @Autowired 
    private UserDetailsService userDetailsService; 

    @Override 
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception { 
     clients.inMemory() 
       .withClient("eagleeye") 
       .secret("thisissecret") 
       .authorizedGrantTypes("refresh_token", "password", "client_credentials") 
       .scopes("webclient", "mobileclient"); 
    } 

    @Override 
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { 
     endpoints 
       .authenticationManager(authenticationManager) 
       .userDetailsService(userDetailsService); 
    } 
}

我试图检索访问令牌尽管邮递员然而,这个错误不断显示

{ 
    "timestamp": 1491436452371, 
    "status": 401, 
    "error": "Unauthorized", 
    "message": "Bad credentials", 
    "path": "/oauth/token/" 
}

这些价值观,我传递过邮差

enter image description here

enter image description here

如你我传递正确的价值观,所以我怀疑它的是造成凭据错误

来源

2017-04-06 user962206

+0

我已经试过你完全相同的代码,一切工作正常。你确定OAuth2Config类正在被组件扫描拾取吗? –

回答

0

我同意卢克Bajada。我有同样的问题,我必须做的修复是添加@ComponentScan注释,并且还导入此模块,我通过添加依赖关系将所有代码写入父模块。

来源

2017-08-06 03:33:40

 相关问题

  • 暂无相关问题^_^