基于此示例https://github.com/royclarkson/spring-rest-service-oauth我修改了添加存储库和其他休止控制器的源代码。资源和授权服务器在同一应用程序中运行/配置。
我添加了一个端点" / api / login" (POST)请求正文:
{"usernamme":"foo", "password":"bar"}
我想在控制器调用的服务中获取此用户的访问令牌。该实现如下:
控制器
public ResponseEntity<OAuth2AccessToken> login(@RequestBody @Valid final LoginCommand credentials)
throws LoginFailedException, UnexpectedErrorException {
try {
final OAuth2AccessToken token = securityService.authenticate(credentials.getUsername(), credentials.getPassword());
return ResponseEntity.ok(token);
} catch (final InvalidGrantException badCredentialExeption) {
throw new LoginFailedException(badCredentialExeption.getMessage());
} catch (final Exception e) {
throw new UnexpectedErrorException(e.getMessage());
}
}
服务
@Autowired
@Qualifier("OAuth2RestOperations")
private OAuth2RestOperations client;
@Override
public OAuth2AccessToken authenticate(final String username, final String password) {
final ResourceOwnerPasswordResourceDetails resourceDetails = (ResourceOwnerPasswordResourceDetails) client.getResource();
resourceDetails.setUsername(username);
resourceDetails.setPassword(password);
return client.getAccessToken();
}
休息客户端配置
@Configuration
@Import({ OauthProperties2.class })
@EnableOAuth2Client
public class RestClientConfig {
@Autowired
private OauthProperties2 oauth;
@Bean(name = "OAuth2RestOperations")
public OAuth2RestOperations restTemplate(final OAuth2ClientContext oauth2ClientContext) {
return new OAuth2RestTemplate(resource(), oauth2ClientContext);
}
@Bean
public OAuth2ProtectedResourceDetails resource() {
final ResourceOwnerPasswordResourceDetails resource = new ResourceOwnerPasswordResourceDetails();
resource.setAccessTokenUri(oauth.getClient().getAccessTokenUri());
resource.setClientId(oauth.getClient().getClientId());
resource.setClientSecret(oauth.getClient().getClientSecret());
resource.setGrantType(oauth.getClient().getGrantType());
resource.setScope(oauth.getClient().getScope());
return resource;
}
}
测试
public class SecurityApiControllerTest extends TestBase {
@InjectMocks
private SecurityApiController controller;
@Test
public void loginOK() throws Exception {
final String credentials = FileUtils.readContent("requests/loginOK.json");
// @formatter:off
mvc.perform(post("/api/login")
.contentType(MediaType.APPLICATION_JSON_VALUE)
.content(credentials))
.andExpect(status().isOk());
// @formatter:on
}
}
TestBase
@RunWith(SpringJUnit4ClassRunner.class)
@WebAppConfiguration
@SpringBootTest(classes = Application.class)
public class TestBase {
@Autowired
protected WebApplicationContext context;
@Autowired
protected FilterChainProxy springSecurityFilterChain;
protected MockMvc mvc;
@Before
public void setUp() {
MockitoAnnotations.initMocks(this);
mvc = MockMvcBuilders.webAppContextSetup(context).addFilter(springSecurityFilterChain).build();
}
}
运行应用程序时,我可以使用POSTMAN调用端点。在测试过程中,我得到了拒绝连接,如问题标题中所述。我试图弄清楚测试不起作用的原因。任何人都可以给我一个提示来解决这个问题吗?
答案 0 :(得分:1)
太奇怪了。它起作用,因为我已将TestBase类更改为:
@RunWith(SpringJUnit4ClassRunner.class)
// @WebAppConfiguration
@ContextConfiguration(classes = Application.class)
@SpringBootTest(webEnvironment = WebEnvironment.DEFINED_PORT)