{“error”:“unauthorized”,“error_description”:“访问此资源需要完全身份验证”}
发出令牌请求时未设置身份验证标头
我的配置如下所示
oauth {
providers {
passport {
api = com.company.package.security.passport.api.PassportApi
key = 'myproject'
secret = 'secret'
authorizationUrl = "http://${providerURL}/oauth/authorize"
tokenEndpointUrl = "http://${providerURL}/oauth/token"
callback = "http://{applicationContextPath}/project/oauth/passport/callback"
successUri = '/login/passportSuccess'
failureUri = '/login/passportFailure'
signatureType = org.scribe.model.SignatureType.Header
scope = 'profile'
}
}
debug = true
connectTimeout = 5000
receiveTimeout = 5000
}
我正在使用Custom providerapi,如下所示
public class PassportApi extends DefaultApi20{
private static final String AUTHORIZE_URL_WITH_STATE = "%s? client_id=%s&client_secret=%s&redirect_uri=%s&state=%s&response_type=code&grant_type=authorization_code";
private static final String SCOPED_AUTHORIZE_URL_WITH_STATE = AUTHORIZE_URL_WITH_STATE + "&scope=%s";
@Override
public String getAccessTokenEndpoint() {
Properties appConfig = Holders.getConfig().toProperties();
String tokenEndpointUrl = appConfig.getProperty("oauth.providers.passport.tokenEndpointUrl") + "";
if(tokenEndpointUrl != null){
return tokenEndpointUrl;
}else{
throw new RuntimeException("Passport API Token URL not Configured Please check config property: oauth.providers.passport.tokenEndpointUrl");
}
}
@Override
public String getAuthorizationUrl(OAuthConfig passportOAuthConfig) {
Properties appConfig = Holders.getConfig().toProperties();
String authorizationUrl = appConfig.getProperty("oauth.providers.passport.authorizationUrl");
if(authorizationUrl != null){
if(passportOAuthConfig.hasScope()){
return String.format(SCOPED_AUTHORIZE_URL_WITH_STATE, authorizationUrl, passportOAuthConfig.getApiKey(), passportOAuthConfig.getApiSecret(),
OAuthEncoder.encode(passportOAuthConfig.getCallback()),OAuthEncoder.encode("Yithe"),passportOAuthConfig.getScope());
}else{
return String.format(AUTHORIZE_URL_WITH_STATE,authorizationUrl, passportOAuthConfig.getApiKey(),
OAuthEncoder.encode(passportOAuthConfig.getCallback()), OAuthEncoder.encode("Yithe"));
}
}else{
throw new RuntimeException("Passport API Authorization URL not Configured Please check config property: oauth.providers.passport.authorizationUrl");
}
}
}
此外,制作第二个/ oauth / token请求的正确方法是什么,因为如果我使用普通的POST设置Authorization Header:Basic client_id:client_secret (使用base 64编码),它的工作原理见postman request