spring security oauth2中的“无法获取访问令牌”错误

时间:2016-08-08 10:33:23

标签: spring oauth

在我的spring项目中,我有一个在localhost:9999上运行的oauth2客户端应用程序和一个在localhost:8080上运行的oauth2授权服务器。 结果,在批准页面之后,我看到错误页面,我不知道是什么问题? 当按F12我看到set-cookie完成了!但/ oauth / token没有被调用!和/我也没有打电话!并且浏览器不会重定向到localhost:9999。

我的客户端应用

server:
  port: 9999
security:
  oauth2:
    client:
      client-id: acme
      client-secret: acmesecret
      access-token-uri: http://localhost:8080/oauth/token
      user-authorization-uri: http://localhost:8080/oauth/authorize
    resource:
      user-info-uri: http://localhost:8080/me

client.yml

package sso.raymon;

import java.security.Principal;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@Configuration
@EnableAutoConfiguration
@RestController
@EnableWebSecurity
public class App extends WebSecurityConfigurerAdapter
{
     public static void main(String[] args) {
          SpringApplication.run(App.class, args);
     }

     @Configuration
     @EnableAuthorizationServer
     protected static class OAuth2Config extends AuthorizationServerConfigurerAdapter{

          @Autowired
          private AuthenticationManager authenticationManager;


          @Override
          public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
               endpoints.authenticationManager(authenticationManager);
          }

          @Override
            public void configure(AuthorizationServerSecurityConfigurer security)
                    throws Exception {
                // TODO Auto-generated method stub
                security.allowFormAuthenticationForClients();
            }

          @Override
          public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
               // @formatter:off
               clients.inMemory()
               .withClient("acme")
               .authorizedGrantTypes("authorization_code")
               .authorities("ROLE_CLIENT")
               .scopes("read", "write")
               .secret("acmesecret");
               // @formatter:on
          } 
     }
     @RequestMapping("/me") 
     public String home(Principal user) {
          return user.getName();
     }

     @Configuration
     @EnableResourceServer 
     protected static class ResourceServer extends ResourceServerConfigurerAdapter {

          @Override 
          public void configure(HttpSecurity http) throws Exception {
              http
                    .antMatcher("/me")
                    .authorizeRequests().anyRequest().authenticated();
          }

     }
}

我的授权服务器

security.user.name=forough
security.user.password=m123

application.properties

ba.properties

点击网址错误:

  

本地主机:9999 /登录码= xZgYwZ&安培;状态= 27XzVY

错误:

  

Whitelable错误页面   此应用程序没有/ error的显式映射,因此您看到这是一个后备。   有一个意想不到的错误(类型=未经授权,atatus = 401)。   身份验证失败:无法获取访问令牌

0 个答案:

没有答案