Spring OAuth2: Error when accessing a controller with an access token

Time: 2017-04-11 16:38:06

Tags: spring jwt spring-oauth2

My authorization server has the following code

@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {

    clients.inMemory()
        .withClient("myRestClient") // client id
        .scopes("read", "write", "trust")
        .autoApprove(true)
        .authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT")
        .authorizedGrantTypes("password", "authorization_code", "refresh_token", "implicit");
}

@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
    endpoints.tokenStore(tokenStore()).tokenEnhancer(jwtTokenEnhancer()).authenticationManager(authenticationManager);
}

@Autowired
@Qualifier("authenticationManagerBean")
private AuthenticationManager authenticationManager;

@Bean
public TokenStore tokenStore() {
    return new JwtTokenStore(jwtTokenEnhancer());
}

@Bean
protected JwtAccessTokenConverter jwtTokenEnhancer() {
    KeyStoreKeyFactory keyStoreKeyFactory = new KeyStoreKeyFactory(new ClassPathResource("jwt.jks"), "mySecretKey".toCharArray());
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    converter.setKeyPair(keyStoreKeyFactory.getKeyPair("jwt"));
    return converter;
}

JWT configuration:

@Configuration
public class JwtConfiguration {
    @Autowired
    JwtAccessTokenConverter jwtAccessTokenConverter;


    @Bean
    @Qualifier("tokenStore")
    public TokenStore tokenStore() {

        System.out.println("Created JwtTokenStore");
        return new JwtTokenStore(jwtAccessTokenConverter);
    }

    @Bean
    protected JwtAccessTokenConverter jwtTokenEnhancer() {
        JwtAccessTokenConverter converter =  new JwtAccessTokenConverter();
        Resource resource = new ClassPathResource("public.cert");
        String publicKey = null;
        try {
            publicKey = new String(FileCopyUtils.copyToByteArray(resource.getInputStream()));
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
        converter.setVerifierKey(publicKey);
        return converter;
    }
}

I am getting the access token via

curl -XPOST "myRestClient:@localhost:9999/oauth/token" -d "grant_type=password&username=reader&password=reader"

When I try to hit the resource with the access token via

curl -XPOST -H "Authorization: Bearer $TOKEN" "localhost:9999/foo"

I get the error message:

{
  "error": "invalid_token",
  "error_description": "Cannot convert access token to JSON"
}

Guide me on where I am going wrong. I have tried a lot, but no luck.

0 answers:

No answers
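
One check worth running against the setup in the question is whether a token signed with the key pair from jwt.jks verifies against the key loaded from public.cert. The following is an added example, not code from the original post or from Spring: it uses only the JDK, assumes the RS256 (SHA256withRSA) signing that JwtAccessTokenConverter uses with an RSA key pair, and works on key pairs and a token constructed in memory that stand in for jwt.jks, public.cert and a real access token.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Base64;

// Added example: checks a JWT's RS256 signature against a public key using only the JDK.
public class JwtSignatureCheck {

    // Returns true only if the signature over "header.payload" verifies with the given key.
    static boolean verifies(String jwt, PublicKey key) throws GeneralSecurityException {
        String[] parts = jwt.split("\\.");
        if (parts.length != 3) {
            return false; // not a compact JWS of the form header.payload.signature
        }
        Signature rsa = Signature.getInstance("SHA256withRSA");
        rsa.initVerify(key);
        rsa.update((parts[0] + "." + parts[1]).getBytes(StandardCharsets.US_ASCII));
        try {
            return rsa.verify(Base64.getUrlDecoder().decode(parts[2]));
        } catch (IllegalArgumentException | SignatureException e) {
            return false; // malformed base64url or a signature of the wrong length
        }
    }

    // Builds a constructed RS256 token, standing in for one issued by the authorization server.
    static String sign(String payloadJson, PrivateKey key) throws GeneralSecurityException {
        Base64.Encoder b64 = Base64.getUrlEncoder().withoutPadding();
        String header = b64.encodeToString("{\"alg\":\"RS256\",\"typ\":\"JWT\"}".getBytes(StandardCharsets.UTF_8));
        String payload = b64.encodeToString(payloadJson.getBytes(StandardCharsets.UTF_8));
        Signature rsa = Signature.getInstance("SHA256withRSA");
        rsa.initSign(key);
        rsa.update((header + "." + payload).getBytes(StandardCharsets.US_ASCII));
        return header + "." + payload + "." + b64.encodeToString(rsa.sign());
    }

    public static void main(String[] args) throws GeneralSecurityException {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair signing = gen.generateKeyPair();   // stands in for the "jwt" entry of jwt.jks
        KeyPair unrelated = gen.generateKeyPair(); // stands in for a public.cert from a different key pair

        String token = sign("{\"user_name\":\"reader\",\"scope\":[\"read\"]}", signing.getPrivate());

        System.out.println("matching key:    " + verifies(token, signing.getPublic()));
        System.out.println("unrelated key:   " + verifies(token, unrelated.getPublic()));
        // A token whose signature part is missing cannot verify against any key.
        String truncated = token.substring(0, token.lastIndexOf('.'));
        System.out.println("truncated token: " + verifies(truncated, signing.getPublic()));
    }
}
```

To run the same check on real material, pass `verifies` the token returned by `/oauth/token` and the `PublicKey` parsed from the PEM in public.cert.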