NoSuchClientException,没有请求id的客户端

时间:2017-03-22 14:56:19

标签: java spring-security oauth-2.0 spring-security-oauth2

当我尝试访问/ oauth / token时出现错误:

  

o.s.s.o.provider.endpoint.TokenEndpoint:处理错误:NoSuchClientException,没有请求id的客户端:username

我接下来的步骤:

  1. 我尝试发出请求oauth / authorize并使用输入凭据获取弹出窗口。
  2. 输入并收到错误" Unsupportted response_type"
  3. 然后我尝试通过oauth /令牌制作请求获取令牌
  4.   

    curl -u clientsecret:12345 -X POST http://localhost:8080/oauth/token -H"接受:application / json" -d" username = user& password = password& grant_type = password"

    然后使用NoSuchClientException获得此错误。为什么将用户名设置为clientId? 这是我的代码:

    @Configuration
    public class OAuth2ServerConfig {
    
    @Configuration
    @EnableResourceServer
    protected static class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {
    
        @Inject
        private Http401UnauthorizedEntryPoint authenticationEntryPoint;
    
        @Inject
        private AjaxLogoutSuccessHandler ajaxLogoutSuccessHandler;
    
        @Override
        public void configure(HttpSecurity http) throws Exception {
            http
                    .exceptionHandling()
                    .authenticationEntryPoint(authenticationEntryPoint)
                    .and()
                    .logout()
                    .logoutUrl("/logout")
                    .logoutSuccessHandler(ajaxLogoutSuccessHandler)
                    .and()
                    .csrf()
                    .requireCsrfProtectionMatcher(new AntPathRequestMatcher("oauth/token"))
                    .disable()
                    .headers()
                    .frameOptions().disable()
                    .and()
                    .sessionManagement()
                    .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                    .and()
                    .authorizeRequests()
                    .antMatchers("/admin").hasAnyAuthority("ADMIN");
        }
    }
    
    @Configuration
    @EnableAuthorizationServer
    protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
    
        private static final String CLIENTID = "app";
        private static final String PROP_SECRET = "secret";
        private static final Integer TOKEN_VALIDITY_SECONDS = -1;
        @Inject
        private UserDetailsService userDetailsService;
        @Inject
        private OAuth2AccessTokenRepository oAuth2AccessTokenRepository;
    
        @Inject
        private OAuth2RefreshTokenRepository oAuth2RefreshTokenRepository;
    
        @Bean
        public TokenStore tokenStore() {
            return new MongoDBTokenStore(oAuth2AccessTokenRepository, oAuth2RefreshTokenRepository);
        }
    
        @Inject
        @Qualifier("authenticationManagerBean")
        private AuthenticationManager authenticationManager;
    
        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints)
                throws Exception {
    
            endpoints
                    .tokenStore(tokenStore())
                    .authenticationManager(authenticationManager).userDetailsService(userDetailsService);
        }
    
        @Override
        public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
            clients
                    .inMemory()
                    .withClient(CLIENTID)
                    .authorizedGrantTypes("authorization_code","refresh_token","password")
                    .authorities("USER", "ADMIN")
                    .secret(PROP_SECRET)
                    .accessTokenValiditySeconds(TOKEN_VALIDITY_SECONDS);
        }
    }
    }
    

1 个答案:

答案 0 :(得分:0)

像这样创建请求

curl app:secret@localhost:8080/oauth/token  -d grant_type=password -d client_id=app  -d username=user -d password=password