Question

我正在尝试使用Spring Security实现OAuth2服务器，但我一直收到'InsufficientAuthenticationException'

这是我当前的配置：

WebSecurityConfigurer文件

@Configuration
@Order(1)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
    http.requestMatchers()
            .antMatchers("/login", "/oauth/authorize","/oauth/token")
            .and()
            .authorizeRequests()
            .anyRequest()
            .authenticated()
            .and()
            .formLogin()
            .permitAll();
}

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.inMemoryAuthentication()
            .withUser("john")
            .password(passwordEncoder().encode("123"))
            .roles("USER");
}

@Bean
public BCryptPasswordEncoder passwordEncoder() {
    return new BCryptPasswordEncoder();
}
}

AuthorizationServerConfigurer文件

@Configuration
@EnableAuthorizationServer
public class AuthServerConfig extends AuthorizationServerConfigurerAdapter {

@Autowired
private BCryptPasswordEncoder passwordEncoder;

@Override
public void configure(
        AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
    oauthServer.tokenKeyAccess("permitAll()")
            .checkTokenAccess("isAuthenticated()");
}

@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
    clients.inMemory()
            .withClient("SampleClientId")
            .secret(passwordEncoder.encode("secret"))
            .authorizedGrantTypes("authorization_code")
            .scopes("user_info")
            .autoApprove(false)
            .redirectUris("http://localhost:3000/callback");
}
}

我想做的事情如下：

1）点击/ auth / login，提示登录表单，我可以输入凭据。
2）收集发送到redirect_uri回调的代码

3）按下/ auth / oauth / token，如下所示：

这会提示此错误：

2018-12-17 13:59:08.384 DEBUG 91394 --- [nio-8081-exec-3] o.s.security.web.FilterChainProxy        : /oauth/token/ has no matching filters
2018-12-17 13:59:08.385 DEBUG 91394 --- [nio-8081-exec-3] .s.o.p.e.FrameworkEndpointHandlerMapping : Mapped to public org.springframework.http.ResponseEntity<org.springframework.security.oauth2.common.OAuth2AccessToken> org.springframework.security.oauth2.provider.endpoint.TokenEndpoint.postAccessToken(java.security.Principal,java.util.Map<java.lang.String, java.lang.String>) throws org.springframework.web.HttpRequestMethodNotSupportedException
2018-12-17 13:59:08.386  WARN 91394 --- [nio-8081-exec-3] o.s.s.o.provider.endpoint.TokenEndpoint  : Handling error: InsufficientAuthenticationException, There is no client authentication. Try adding an appropriate authentication filter.

我尝试了其他所有帖子所建议的内容，但没有成功。

编辑：这是我的application.properties文件

请忽略POSTMAN图片中显示的URL，正确的URIS应该为/ auth / oauth / *

知道我在做什么错吗？

Spring Security OAuth2 InsufficientAuthenticationException

0 个答案: