Spring Boot Security:如何让以 JSON 方式提交的登录请求可用

时间:2019-09-13 11:15:28

标签: json spring-boot

我目前正在用 Spring Boot 完成一项课程作业。添加 springboot-security 并使用 formLogin 之后,以表单(form)方式提交时可以成功通过身份验证,但以 JSON 方式提交时却无法通过。有什么解决这个问题的思路吗?

我的SecurityConfig:

package com.example.springsocial.config;

import com.example.springsocial.domain.AuthenticateResult;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

import java.util.List;
import java.util.stream.Collectors;

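/**
 * Spring Security configuration for the authentication service.
 *
 * <p>Authenticates users through {@code formLogin()} against the injected
 * {@link UserDetailsService} and answers login attempts with a JSON body
 * ({@link AuthenticateResult}) instead of a redirect.
 *
 * <p>Why a JSON login body is rejected: {@code formLogin()} installs
 * {@code UsernamePasswordAuthenticationFilter}, which reads the
 * {@code username} and {@code password} values as request parameters
 * (form-encoded body or query string). A request sent with
 * {@code Content-Type: application/json} carries no such parameters, so the
 * filter sees empty credentials and the failure handler runs. Accepting JSON
 * requires a custom authentication filter that parses the request body; this
 * class does not register one.
 *
 * <p>NOTE(review): this configuration is active for the {@code prod} profile
 * as well as {@code dev-local}, so the plaintext password encoder and the
 * disabled CSRF protection below apply to production too.
 */
@Configuration
@EnableWebSecurity
@Profile(value = {"dev-local", "prod"})
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    /** Content type sent with every JSON login response; fixes the charset of the writer. */
    private static final String JSON_CONTENT_TYPE = "application/json;charset=UTF-8";

    @Qualifier("authServiceImpl")
    @Autowired
    private UserDetailsService userDetailsService;


    /**
     * Password encoder used when comparing submitted and stored passwords.
     *
     * <p>NOTE(review): {@link NoOpPasswordEncoder} is deprecated and compares
     * passwords as plaintext, which means the user store holds cleartext
     * passwords. It is kept here only because replacing it would invalidate
     * the credentials already stored; move to an adaptive hash (for example
     * {@code BCryptPasswordEncoder}, or a delegating encoder so existing rows
     * can be migrated) before this runs under the {@code prod} profile.
     *
     * @return the plaintext (no-op) password encoder
     */
    @Bean
    public PasswordEncoder encoder() {
        return NoOpPasswordEncoder.getInstance();
    }

    /**
     * JSON mapper used to serialise the login responses.
     *
     * @return a default-configured {@link ObjectMapper}
     */
    @Bean
    public ObjectMapper mapper() {
        return new ObjectMapper();
    }

    /**
     * Wires the user lookup service and the password encoder into the
     * authentication manager.
     *
     * @param auth builder for the application's authentication manager
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth)
            throws Exception {
        auth
                .userDetailsService(userDetailsService)
                .passwordEncoder(encoder());
    }

    /**
     * Defines the HTTP security rules: registration and login are public,
     * everything else requires the {@code USER} role, and login results are
     * returned as JSON with status 200 (success) or 401 (failure).
     *
     * @param http the HTTP security builder
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                // NOTE(review): CSRF protection is switched off while formLogin()
                // still authenticates through its default session handling. If
                // browsers call this API with a session cookie, state-changing
                // requests are exposed to cross-site request forgery; re-enable
                // CSRF or confirm that no cookie-based browser client exists.
                .csrf()
                .disable()
                .authorizeRequests()
                .antMatchers("/register/**")
                .permitAll()
                .antMatchers("/login")
                .permitAll()
                // Catch-all rule: must stay last, because matchers are evaluated in order.
                .antMatchers("/**")
                .access("hasRole('USER')")
                .and()
                .formLogin()
                .successHandler((request, response, authentication) -> {
                    response.setStatus(200);
                    // Must be set before getWriter(): the writer's charset is fixed on first use.
                    response.setContentType(JSON_CONTENT_TYPE);
                    List<String> authorities = authentication
                            .getAuthorities()
                            .stream()
                            .map(GrantedAuthority::getAuthority)
                            .collect(Collectors.toList());
                    String responseStr =
                            mapper().writeValueAsString(new
                                    AuthenticateResult(
                                    200,
                                    "ok",
                                    "login success", authorities));
                    response.getWriter().write(responseStr);
                })
                .failureHandler((request, response, exception) -> {
                    response.setStatus(401);
                    // Must be set before getWriter(): the writer's charset is fixed on first use.
                    response.setContentType(JSON_CONTENT_TYPE);
                    // The same generic message for every failure cause: the response
                    // does not reveal whether the user name or the password was wrong.
                    String responseStr =
                            mapper().writeValueAsString(new
                                    AuthenticateResult(
                                    401,
                                    "auth failed",
                                    "login failed", null));
                    response.getWriter().write(responseStr);
                })
                .and()
                .logout();
    }

}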

我的build.gradle:

// Build script for the authentication service (Spring Boot application, Java 8 target).
plugins {
    // NOTE(review): the Spring Boot plugin version also fixes the managed versions of
    // Spring Security and the other starters below; check it against a currently
    // supported Spring Boot release line so security fixes are picked up.
    id 'org.springframework.boot' version '2.1.5.RELEASE'
    id 'application'
}

apply plugin: 'io.spring.dependency-management'

sourceCompatibility = '1.8'
targetCompatibility = '1.8'


// Extra version properties. Neither is referenced elsewhere in the script as shown.
ext {
    set('oathAutoVersion', "2.1.0.RELEASE")
    set('socialVersion', '1.1.6.RELEASE')
}
//configurations {
//    implementation.exclude group: 'org.springframework.boot', module: 'spring-boot-starter-tomcat'
//}
dependencies {
    implementation 'org.springframework.cloud:spring-cloud-starter-netflix-eureka-client'
    implementation 'org.springframework.boot:spring-boot-starter-web'
//    implementation 'org.springframework.boot:spring-boot-starter-jetty'
    implementation 'org.springframework.boot:spring-boot-starter-security'
    // NOTE(review): actuator endpoints are covered by the application's security rules
    // only as far as those rules match their paths; confirm which endpoints are exposed.
    implementation 'org.springframework.boot:spring-boot-starter-actuator'
    implementation 'org.springframework.security:spring-security-oauth2-client'
    implementation 'org.springframework.boot:spring-boot-starter-jdbc'
    // NOTE(review): explicitly pinned and not managed by the Spring BOM. 0.5.1 is a very
    // old release of a token-handling library; review it against current jjwt releases.
    implementation "io.jsonwebtoken:jjwt:0.5.1"
    implementation 'mysql:mysql-connector-java'
    implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
    compileOnly 'org.projectlombok:lombok:1.18.6'
    annotationProcessor 'org.projectlombok:lombok:1.18.6'
    testImplementation 'org.springframework.boot:spring-boot-starter-test'
}

dependencyManagement {
    imports {
        // NOTE(review): springCloudVersion is not defined in the ext block above;
        // presumably it comes from gradle.properties or the command line. Confirm,
        // otherwise this line fails to resolve.
        mavenBom "org.springframework.cloud:spring-cloud-dependencies:${springCloudVersion}"
    }
}
mainClassName = 'com.example.springsocial.AuthenticationApplication'

我的application.yml:

# Runtime configuration for the authentication service.
server:
  port: 8080

spring:
  application:
    name: authentication
  datasource:
    driverClassName: com.mysql.cj.jdbc.Driver
    # Host and credentials are redacted placeholders on this page. Keep real values
    # out of the committed file and supply them through the environment or a secret store.
    # NOTE(review): the URL sets no TLS options; confirm how the connection to the
    # database is protected in transit.
    url: jdbc:mysql://xx.xx.xx.xx/sample
    username: xx.xx.xx.xx
    password: xx.xx.xx.xx

  jpa:
    # Prints every SQL statement to the console; development aid only.
    show-sql: true
    hibernate:
      # Lets Hibernate alter the schema at start-up. NOTE(review): the security
      # configuration is also active for the "prod" profile, so confirm this file
      # is not used there as-is.
      ddl-auto: update
      # NOTE(review): spring.jpa.hibernate.naming-strategy is the Spring Boot 1.x
      # property; with the Boot 2.1.5 plugin shown in build.gradle it is presumably
      # ignored. Confirm, and use spring.jpa.hibernate.naming.physical-strategy if a
      # custom strategy is intended.
      naming-strategy: org.hibernate.cfg.ImprovedNamingStrategy
    properties:
      hibernate:
        dialect: org.hibernate.dialect.MySQL5InnoDBDialect
eureka:
  instance:
    # Advertises both a plain and a TLS port to the registry. NOTE(review): only
    # port 8080 is configured under "server" above; confirm something listens on 8443.
    non-secure-port-enabled: true
    secure-port-enabled: true
    non-secure-port: 8080
    secure-port: 8443
  client:
    service-url:
      # Registry is reached over plain HTTP on localhost; use HTTPS once the registry
      # is on another host.
      defaultZone: http://localhost:8761/eureka
# Enables Spring Boot debug output (auto-configuration report and more verbose
# logging); switch off outside development.
debug: true

然后使用curl进行登录后的结果如下: enter image description here

有什么想法可以快速配置吗?

0 个答案:

没有答案