我尝试实现自定义Auth Server和Client。我用例this code。我修改了Tonr2应用程序以不使用任何用户。我想转换这2个应用程序。 Tonr2应根据Sparklr2的会话创建用户会话。现在我修改了这个部分:
在Sparklr2(ResourceConfiguration类)中:
@Bean
public OAuth2ProtectedResourceDetails sparklr() {
ClientCredentialsResourceDetails details = new ClientCredentialsResourceDetails();
details.setId("sparklr/tonr");
details.setClientId("tonr");
details.setClientSecret("secret");
details.setAccessTokenUri(accessTokenUri);
details.setAuthenticationScheme(AuthenticationScheme.query);
details.setClientAuthenticationScheme(AuthenticationScheme.form);
details.setScope(Arrays.asList("read", "write"));
return details;
}
在Tonr2中:
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
// I removed all users
// @Override
// protected void configure(AuthenticationManagerBuilder auth) throws Exception {
// auth.inMemoryAuthentication().withUser("marissa").password("wombat").roles("USER").and().withUser("sam")
// .password("kangaroo").roles("USER");
// }
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/resources/**");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/sparklr/**").permitAll();
}
}
和
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.inMemory().withClient("tonr")
.resourceIds(SPARKLR_RESOURCE_ID)
.authorizedGrantTypes("client_credentials")
//.authorities("ROLE_CLIENT")
.scopes("read", "write")
.secret("secret");
但我得到了:
RestTemplate - POST request for "http://localhost:8080/sparklr2/oauth/token" resulted in 401 (Unauthorized); invoking error handler
error="access_denied", error_description="Error requesting access token."
at org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport.retrieveToken(OAuth2AccessTokenSupport.java:145)
如何解决?或者你可能有一些例子如何正确地做到这一点?