1
首先开始oAuth2作为初学者,我运行sparklr2样本,它工作正常,然后我尝试测试一些不同类型的授权方案。如何测试卷曲的sparklr2样本?
为了参考AuthorizationServerConfiguration类的配置方法是:
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
// @formatter:off
clients
.inMemory()
.withClient("esirius")
.resourceIds(RESOURCE_ID)
.authorizedGrantTypes("authorization_code", "implicit")
.authorities("ROLE_CLIENT")
.scopes("read", "write", "trust")
.secret("secret")
.and()
.withClient("esirius-with-redirect")
.resourceIds(RESOURCE_ID)
.authorizedGrantTypes("authorization_code", "implicit")
.authorities("ROLE_CLIENT")
.scopes("read", "write")
.secret("secret")
.redirectUris(esiriusRedirectUri)
.and()
.withClient("my-client-with-registered-redirect")
.resourceIds(RESOURCE_ID)
.authorizedGrantTypes("authorization_code", "client_credentials")
.authorities("ROLE_CLIENT")
.scopes("read", "trust")
.redirectUris("http://anywhere?key=value")
.and()
.withClient("my-trusted-client")
.authorizedGrantTypes("password", "authorization_code", "refresh_token", "implicit")
.authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT")
.scopes("read", "write", "trust")
.accessTokenValiditySeconds(60)
.and()
.withClient("my-trusted-client-with-secret")
.authorizedGrantTypes("password", "authorization_code", "refresh_token", "implicit")
.authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT")
.scopes("read", "write", "trust")
.secret("somesecret")
.and()
.withClient("my-less-trusted-client")
.authorizedGrantTypes("authorization_code", "implicit")
.authorities("ROLE_CLIENT")
.scopes("read", "write", "trust")
.and()
.withClient("my-less-trusted-autoapprove-client")
.authorizedGrantTypes("implicit")
.authorities("ROLE_CLIENT")
.scopes("read", "write", "trust")
.autoApprove(true);
// @formatter:on
}
第一我成功,同时运行的卷曲是grant_type = client_credentials
%curl% -i -X POST "http://localhost:8002/oauth/token" -H "Accept: application/json" -u "my-client-with-registered-redirect:" -d "grant_type=client_credentials" -d "scope=read"
响应:
{"access_token":"3735d098-fb33-48da-8f87-a950e4bd3df2","token_type":"bearer","expires_in":43199,"scope":"read"}
现在我试图测试grant_type =密码scena里奥:
%curl% -i -d "client_id=my-trusted-client" -d "username=marissa" -d "password=koala" -d "grant_type=password" -d "redirect_uri=http://a-dreuz/callback" -H "Accept: application/json" -X POST http://localhost:8002/oauth/token
,并具有响应:
{"error":"unauthorized","error_description":"Full authentication is required to access this resource"}
我已经测试了很多组合成功内部消除的,什么是错的这一要求? 我发现这是一个很好的方式来测试请求卷曲curl以了解与oAuth2的不同场景。
感谢您的帮助。
感谢@ dave-syer指出我的错误,现在我可以使用curl grant_type = password方案请求成功。 %curl%-i -u“my-trusted-client-with-secret:somesecret”-d“username = marissa”-d“password = koala”-d“grant_type = password”-d“scope = read”-H “Accept:application/json”-X POST http:// localhost:8002/oauth/token – DanyRic