即使进行了所有配置,我仍然收到401错误。当我请求访问令牌时,它的说法是“需要完全认证才能访问此资源。”
我使用邮递员完成了oauth config和im,其中我已经通过了用户名,密码,grantype。以及客户ID和机密。
oauth2配置......
@Configuration
public class OAuthserConfig extends WebSecurityConfigurerAdapter implements AuthorizationServerConfigurer
{
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception
{
return super.authenticationManagerBean();
}
@Autowired
AuthenticationManager authenticationManager;
PasswordEncoder passwordencoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
@Override public void configure(AuthorizationServerSecurityConfigurer security) throws Exception
{
// TODO Auto-generated method stub
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception
{
clients.inMemory()
.withClient("abc")
.secret(passwordencoder.encode("secret"))
.scopes("READ","WRITE")
.authorizedGrantTypes("password","authorization code");
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception
{
endpoints.authenticationManager(authenticationManager);
}
}
用户配置...
@Configuration
public class UserConfig extends GlobalAuthenticationConfigurerAdapter
{
PasswordEncoder passwordencoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
@Override
public void init(AuthenticationManagerBuilder auth) throws Exception
{
auth.inMemoryAuthentication().withUser("tj")
.password(passwordencoder.encode("tj123"))
.roles("USER","ADMIN","MANAGER")
.authorities("CAN_READ","CAN_WRITE","CAN_DELETE");
}
}