缺少授权类型错误

时间:2017-07-07 04:27:54

标签: spring spring-boot oauth-2.0

我只是想学习OAuth。我写了一些代码来测试它。当我提交请求时,我正在收到 {     “error”:“invalid_request”,     “error_description”:“缺少授权类型” }

邮差错误

import java.util.Optional;

//import static org.assertj.core.api.Assertions.tuple;

import java.util.stream.Stream;

import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.Id;
import org.springframework.security.core.userdetails.User;

//import org.omg.PortableInterceptor.ACTIVE;
import org.springframework.boot.CommandLineRunner;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.stereotype.Service;

import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;

@SpringBootApplication
public class SpringAuthServiceApplication {

    @Bean
    CommandLineRunner clr(AccountRepository accountRepository){
        return args -> {
            Stream.of("name1, password1", "name2, password2", "name3, password3", "name4, password4")
            .map(tpl -> tpl.split(",") )
            .forEach(tpl -> accountRepository.save(new Account(tpl[0], tpl[1], true)));
        };


    }

    public static void main(String[] args) {
        SpringApplication.run(SpringAuthServiceApplication.class, args);
    }
}


@Configuration
@EnableAuthorizationServer
class AuthServiceConfiguration extends AuthorizationServerConfigurerAdapter{
    private final AuthenticationManager authenticationManager;

    public AuthServiceConfiguration(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients
        .inMemory()
        .withClient("html5")
        .secret("password")
        .authorizedGrantTypes("password")
        .scopes("openid");

    }

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints.authenticationManager(this.authenticationManager);
    }



}


@Service
class AccountUserDetailService implements UserDetailsService{

    private final AccountRepository accountRepository;

    public AccountUserDetailService(AccountRepository accountRepository) {
//      super();
        this.accountRepository = accountRepository;
    }


    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        // TODO Auto-generated method stub
        return accountRepository.findByUsername (username)
                .map(account -> new User(account.getUsername(),
                        account.getPassword(), account.isActive(), account.isActive(), account.isActive(), account.isActive(),
                        AuthorityUtils.createAuthorityList("ROLE_ADMIN", "ROLE_USER") )
                        )
                .orElseThrow(() -> new UsernameNotFoundException("Couldn't fine user name " + username + "!") ) ;
    }

    /*@Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        return accountRepository.findByUsername(username)
                .map(account -> {
                    boolean active = account.isActive();
                    return new User(
                            account.getUsername(),
                            account.getPassword(),
                            active, active, active, active,
                            AuthorityUtils.createAuthorityList("ROLE_ADMIN", "ROLE_USER"));
                })
                .orElseThrow(() -> new UsernameNotFoundException(String.format("username %s not found!", username)));
    }*/

}



interface AccountRepository extends JpaRepository<Account, Long>{
    Optional<Account> findByUsername(String username); 
}



@Data 
@NoArgsConstructor
@AllArgsConstructor
@Entity
class Account{

    public Account(String username, String password, boolean active) {
        //super();
        this.username = username;
        this.password = password;
        this.active = active;
    }

    @GeneratedValue @Id
    private long id; 
    private String username, password;
    private boolean active;


}

以下是我邮寄的内容:

在标题标签中: Content-Type:application / json 授权:基本aHRtbDU6cGFzc3dvcmQ =

在“授权”标签中: type是Basic Auth 用户名:html5 密码:密码

正文选项卡,选择表单数据并发送以下内容:

用户名:用户名 密码:password1 grant_type:密码 范围:openid client_id:html5 client_secret:密码

enter image description here

enter image description here

enter image description here

1 个答案:

答案 0 :(得分:10)

OAuth2正在请求体内查询字符串形式的参数,即application/x-www-form-urlencoded

将您的Content-Type更改为application/x-www-form-urlencoded并检查x-www-form-urlencoded而不是form-data