我拥有身份验证和身份验证(临时内存)的Auth服务器
看起来像这样:
@SpringBootApplication
@RestController
@EnableResourceServer
@EnableAuthorizationServer
public class AuthApplication {
public static void main(String[] args) {
SpringApplication.run(AuthApplication.class, args);
}
@RequestMapping(value = {"/user"}, produces = "application/json")
public Map<String, Object> user(OAuth2Authentication user) {
Map<String, Object> userInfo = new HashMap<>();
userInfo.put("user", user.getUserAuthentication().getPrincipal());
userInfo.put("authorities", AuthorityUtils.authorityListToSet(user.getUserAuthentication().getAuthorities()));
return userInfo;
}
}
我还有自定义类,该类扩展了AuthorizationServerConfigurerAdapter并实现以下方法
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.inMemory()
.withClient("eagleeye")
.secret(passwordEncoder.encode("thisissecret"))
.authorizedGrantTypes(
"refresh_token",
"password",
"client_credentials")
.scopes("webclient", "mobileclient");
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints
.authenticationManager(authenticationManager)
.userDetailsService(userDetailsServiceBean);
}
我想配置其他微服务以使用此身份验证微服务来验证传递的令牌。我创建了/foo
@GetMapping("/foo")
public String getFoo() {
return "Authenticated foo";
}
并使用此属性配置我的第二个微服务:
spring:
security:
oauth2:
resource: http://localhost:8090/user
现在我用客户ID,客户机密,授权类型,用户名和密码致电http://localhost:8090/oauth/token,然后我得到了承载令牌。
在标头中使用此令牌时,我叫http://localhost:8091/foo,但出现错误:
{
"error": "invalid_token",
"error_description": "Invalid access token: 18709dc7-8caf-4069-be95-f04ebe71daa8"
}