Spring Boot-无效的访问令牌错误

时间:2018-02-13 07:34:44

标签: spring spring-boot spring-security oauth-2.0 spring-security-oauth2

我目前正在开发一个简单的 Spring Boot应用程序,我在其中传递client_id和secret以获取访问令牌,该令牌获取刷新和访问令牌。

但是当我尝试使用该令牌访问资源(我的REST API)时(使用此URL: curl -H"授权:Bearer ead8ba5d-88ad-4531-a821-db08bf25e888" localhost :8081 / my-end-point ),它对我不起作用并且给我跟随错误 -

{"错误":" invalid_token"," error_description":"无效的访问令牌:ead8ba5d-4531-db08bf2fe888" }

这就是我的终端的样子 - 

import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

import java.security.Principal;

@RestController
@RequestMapping(path = "/my-end-point")
public class PrincipalResource {

    @RequestMapping(method = RequestMethod.POST)
    public Principal oauth(Principal principal) {
        /*
         * Translate the incoming request, which has an access token
         * Spring security takes the incoming request and injects the Java Security Principal
         * The converter inside Spring Security will handle the to json method which the Spring Security
         * Oauth client will know how to read
         *
         * The @EnableResourceServer on the application entry point is what makes all this magic happen.
         * If there is an incoming request token it will check the token validity and handle it accordingly
         *
         *
         */


        return principal;
    }
} `

1 个答案:

答案 0 :(得分:0)

确保在 AuthServerOAuth2Config 中   security.allowFormAuthenticationForClients().checkTokenAccess("permitAll()"); 

@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {     
    security.allowFormAuthenticationForClients().checkTokenAccess("permitAll()");       
}

并通过在网址上向您的服务器发出 POST 请求来开始生成一些令牌: localhost:yourport / oauth / token

例如:

http://localhost:8085/oauth/token?client_secret=secret&client_id=web&grant_type=password&username=kalaiselvan&password=kalaiselvan

它将返回令牌

 {
   "access_token": "8b816685-b7da-4996-a3e2-ff18b4538a2b",
   "token_type": "bearer",
   "refresh_token": "f458c09b-f739-4488-be0f-2b0e3c5a62d1",
   "expires_in": 637,
   "scope": "read"
 }

enter image description here

从响应数据中复制 access_token 并进行新的 POST 请求 http://localhost:8085/account enter image description here

我希望它会对你有所帮助

相关问题
最新问题