在将Spring Boot版本从1.5.4更新到2.1.1之后,交换授权代码后,我得到了空访问令牌
Spring security class:
@Configuration
@EnableWebSecurity
public class SpringSecurityConfiguration extends WebSecurityConfigurerAdapter {
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/users/signup");
web.ignoring().antMatchers("/voice/test");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/").permitAll().antMatchers(Constants.PROTECTED_RESOURCES)
.hasAnyRole("ADMIN").anyRequest().authenticated().and().formLogin()
.permitAll().and().logout().permitAll();
http.csrf().disable();
}
}
Athorization server class:
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
@Autowired
private AuthenticationManager authenticationManager;
@Autowired
private RedisConnectionFactory connectionFactory;
@Autowired
private TokenStore tokenStore;
@Autowired
private UserDetailsServiceImpl userDetailsServiceImpl;
@Autowired
private AuthenticationProviderImpl authenticationProviderImpl;
@Autowired
private DataSource dataSource;
@Bean
public TokenStore tokenStore() {
return new RedisTokenStore(connectionFactory);
}
@Bean
public TokenStore tokenStore1() {
return new JdbcTokenStore(dataSource);
}
@Override
public void configure(ClientDetailsServiceConfigurer configurer) throws Exception {
configurer.jdbc(dataSource);
}
@Override
public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
oauthServer.tokenKeyAccess("permitAll()")
.checkTokenAccess("isAuthenticated()");
}
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authenticationProviderImpl);
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.authenticationManager(authenticationManager);
endpoints.userDetailsService(userDetailsServiceImpl);
endpoints.tokenStore(tokenStore);
}
}
controller of client end:
@GetMapping("/welcome")
public String welcome(@RequestParam("code") String code) throws JsonProcessingException, IOException {
ResponseEntity<String> response = null;
System.out.println("Authorization Code------" + code);
RestTemplate restTemplate = new RestTemplate();
String credentials = "phynart-client:phynart-secret";
String encodedCredentials = new String(Base64.encodeBase64(credentials.getBytes()));
HttpHeaders headers = new HttpHeaders();
headers.setAccept(Arrays.asList(MediaType.APPLICATION_JSON));
headers.add("Authorization", "Basic " + encodedCredentials);
HttpEntity<String> request = new HttpEntity<String>(headers);
String access_token_url = "http://localhost:8080/oauth/token";
access_token_url += "?code=" + code;
access_token_url += "&grant_type=authorization_code";
access_token_url += "&redirect_uri=http://localhost:8888/welcome";
response = restTemplate.exchange(access_token_url, HttpMethod.POST, request, String.class);
System.out.println("Access Token Response ---------" + response.getBody());
return "welcome";
}
}
client JSP page:
<%@taglib uri="http://www.springframework.org/tags/form" prefix="form"%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Home</title>
</head>
<body>
<h3>Home Page</h3>
<div id="home">
<form:form action="http://localhost:8080/oauth/authorize"
method="post" modelAttribute="user">
<p>
<input type="text" name="response_type" value="code" />
<input type="text" name="client_id" value="phynart-client" />
<input type="text" name="redirect_uri" value="http://localhost:8888/welcome" />
<input type="text" name="scope" value="read" />
<input type="SUBMIT" value="Login" /> <br>
</form:form>
</div>
</body>
</html>
我得到的响应为空访问令牌响应,有人可以帮助我吗?在更新Spring Boot之前,它可以正常工作,并且在交换授权代码后,我正在获取访问令牌,但是现在它返回null作为响应,请让我知道是否需要添加任何其他东西来使其正常工作。是安全性Config类,授权服务器,重定向身份验证代码的控制器和具有所有客户端详细信息的jsp页面...