我试图了解Oauth 2.0,并且尝试按照一个简单的教程进行操作,但是我不明白我的代码出了什么问题。基本上授权服务器没有向客户端返回任何令牌,并且我没有了解原因:( 这是代码: ResourceServer应用程序: AuthorizationServerConfig:
<div class="outer">
<span class="inner">Yeah, this week at McCormick place apparently</span>
</div>
<div class="outer">
<span class="inner">Negative, seems interesting tho</span>
</div>
<div class="outer">
<span class="inner">Some other random message which is a little bit longer than the other messages</span>
</div>
EmployeeSecurityConfiguration:
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.inMemory().withClient("javainuse").secret("secret").authorizedGrantTypes("authorization_code")
.scopes("read").authorities("CLIENT").redirectUris("http://localhost:8090/showEmployees");
}
}
ResourceServer:
@Configuration
@EnableWebSecurity
public class EmployeeSecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/resources/**");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/").permitAll().antMatchers("/user/getEmployeesList").hasAnyRole("ADMIN")
.anyRequest().authenticated().and().formLogin().permitAll().and().logout().permitAll();
http.csrf().disable();
}
@Override
public void configure(AuthenticationManagerBuilder authenticationMgr) throws Exception {
authenticationMgr.inMemoryAuthentication().passwordEncoder(NoOpPasswordEncoder.getInstance()).withUser("admin").password("admin").authorities("ROLE_ADMIN");
}
}
EmployeeController:
@Configuration
@EnableResourceServer
public class ResourceServer extends ResourceServerConfigurerAdapter {
@Override
public void configure(HttpSecurity http) throws Exception {
http.requestMatchers().antMatchers("/user/getEmployeesList/**").and().authorizeRequests().anyRequest()
.access("#oauth2.hasScope('read')");
}
}
和客户端应用程序:
@Controller
public class EmployeeController {
@RequestMapping(value = "/user/getEmployeesList", produces ="application/json")
@ResponseBody
public List<Employee> getEmployeeList(){
List<Employee> employees = new ArrayList<>();
Employee emp = new Employee();
emp.setEmpId("emp1");
emp.setEmpName("emp1");
employees.add(emp);
return employees;
}
}
显示response.getBody()的sysout始终为null,我不知道为什么会这样