如何在spring boot中使用授权服务器端点获取oauth令牌

时间:2016-03-14 18:48:42

标签: spring-mvc oauth spring-security-oauth2

嗨朋友我正在开发自己的oauth2服务器,它有资源服务器和授权服务器配置我已经部分完成了我自己的oauth2服务器,但无法使用令牌端点http://localhost:8080/oauth/token获取oauth令牌。

的OAuthConfig: 

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;


@Configuration
public class OAuth2Config {

    @Configuration
    @EnableResourceServer
    protected static class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {

        @Override
        public void configure(final HttpSecurity http) throws Exception {
            http.authorizeRequests().antMatchers("/login").permitAll().and()
                    .authorizeRequests().anyRequest().authenticated();
        }
    }

    @Configuration
    @EnableAuthorizationServer
    protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {

        @Autowired
        private AuthenticationManager authenticationManager;    

        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
                            endpoints.authenticationManager(authenticationManager);
        }

        @Override
        public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
            clients.inMemory()
                    .withClient("acme")
                    .secret("acmesecret")
                    .authorizedGrantTypes("authorization_code", "refresh_token",
                            "password").scopes("openid");
        }
    }
}

SpringSecurityConfig: 

import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * Created by qasim on 12/3/16.
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
@Order(-10)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {




    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable().authorizeRequests().antMatchers("/oauth/authorize").authenticated().and()
                .authorizeRequests().anyRequest().permitAll().and().httpBasic().and()
        .authorizeRequests().antMatchers("/oauth/confirm_access").authenticated();
    }


}

OauthConfig班级中,我使用inmemory来存储客户详细信息。

此时我的资源服务器中没有任何东西,但我现在还没有。我只想创建令牌,我相信它会通过Authorization服务器生成。

现在,当我打开此网址时,http://localhost:8080/oauth/authorize?response_type=code&client_id=acme&redirect_uri=http://localhost:8080/fd/redirectauthorization'我有这个屏幕。

enter image description here

提供凭证后

enter image description here

这是我的客户oauth屏幕,我没有使用默认的oauth批准屏幕 我的OAuth控制器是

@Controller
@RequestMapping("/oauth")
public class OauthController {

    @Autowired
    ClientDetailsService clientDetailsService;

    @RequestMapping("/confirm_access")
    public String confirmAccess(HttpServletRequest httpServletRequest, HttpSession httpSession){            
        // logic
        return "oauthAccess";
    }

}

在审批控制器上,我带了一些code

的重定向网址

重定向代码

@Controller
@RequestMapping("/fd")
public class RedirectController {

    @RequestMapping("/redirectauthorization")
    public String redirectauthorization(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ModelMap modelMap, HttpSession httpSession){

        return "authorizationcode";
    }
}

enter image description here

现在我使用此代码在url中附加了代码我尝试使用curl命令获取令牌,但获取Bad Credential错误或未授权错误(401),如下图所示

enter image description here 

curl acme:acmesecret@localhost:8080/oauth/token -d 'grant_type=authorization_code&code=WeIYSm'

任何人都可以指导我生成oauth令牌

1 个答案:

答案 0 :(得分:0)

你的卷曲看起来应该更像这样:

curl acme:acmesecret @ localhost:8080 / oauth / token -d

相关问题
最新问题