我在Spring Boot中使用Oauth2,并且正在使用JDBC令牌存储来存储JWT令牌。这是我的AuthorizationServerConfig
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
private static final Logger logger = LoggerFactory.getLogger(AuthorizationServerConfig.class);
static final String MERCHANT_ID = "merchant-id";
static final String MERCHANT_SECRET = "merchant-secret-bcrypted-value";
static final String CUSTOMER_ID = "customer-id";
static final String CUSTOMER_SECRET = "customer-secret-bcrypted-value";
static final String GRANT_TYPE_PASSWORD = "password";
static final String AUTHORIZATION_CODE = "authorization_code";
static final String REFRESH_TOKEN = "refresh_token";
static final String IMPLICIT = "implicit";
static final String SCOPE_READ = "read";
static final String SCOPE_WRITE = "write";
static final String TRUST = "trust";
static final int ACCESS_TOKEN_VALIDITY_SECONDS = 1 * 60 ;
static final int FREFRESH_TOKEN_VALIDITY_SECONDS = 5 * 60 ;
@Autowired
private AuthenticationManager authenticationManager;
@Autowired
private DataSource dataSource;
@Resource(name = "UserService")
private UserDetailsService userDetailsService;
@Bean
public JwtAccessTokenConverter accessTokenConverter() throws Exception {
logger.debug("accessTokenConverter");
System.out.println("accessTokenConverter");
JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
converter.setSigningKey("asagasdg");
return converter;
}
@Bean
public TokenStore tokenStore() throws Exception {
logger.debug("tokenStore");
return new JdbcTokenStore(dataSource);
}
@Bean
public ApprovalStore approvalStore() throws Exception {
TokenApprovalStore tokenApprovalStore = new TokenApprovalStore();
tokenApprovalStore.setTokenStore(tokenStore());
return tokenApprovalStore;
}
@Override
public void configure(ClientDetailsServiceConfigurer configurer) throws Exception {
System.out.println("configure");
configurer
.jdbc(dataSource)
// .inMemory()
.withClient(MERCHANT_ID)
.secret(MERCHANT_SECRET)
.authorizedGrantTypes(GRANT_TYPE_PASSWORD, AUTHORIZATION_CODE, REFRESH_TOKEN, IMPLICIT)
.scopes(SCOPE_READ, SCOPE_WRITE, TRUST)
.accessTokenValiditySeconds(ACCESS_TOKEN_VALIDITY_SECONDS).
refreshTokenValiditySeconds(FREFRESH_TOKEN_VALIDITY_SECONDS)
.and()
.withClient(CUSTOMER_ID)
.secret(CUSTOMER_SECRET)
.authorizedGrantTypes(GRANT_TYPE_PASSWORD, AUTHORIZATION_CODE, REFRESH_TOKEN, IMPLICIT)
.scopes(SCOPE_READ, SCOPE_WRITE, TRUST)
.accessTokenValiditySeconds(ACCESS_TOKEN_VALIDITY_SECONDS)
.refreshTokenValiditySeconds(FREFRESH_TOKEN_VALIDITY_SECONDS).and()
.build()
;
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
System.out.println("configure below");
endpoints
.pathMapping("/oauth/token","/api/v1/oauth/token")
.tokenStore(tokenStore())
.authenticationManager(authenticationManager)
.accessTokenConverter(accessTokenConverter());
}
@Bean
@Primary
public DefaultTokenServices tokenServices() throws Exception {
DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
defaultTokenServices.setTokenStore(tokenStore());
defaultTokenServices.setSupportRefreshToken(true);
return defaultTokenServices;
}
}
因此,每当我尝试在邮递员中使用BASE_URL/api/v1/oauth/token的{{1}}和userid以及另一个secret,{{1} }和Basic-Auth出现此错误
username内存中的身份验证工作正常,但是当我创建数据库password,grant_type=password和{
"error": "unauthorized",
"error_description": "Full authentication is required to access this resource"
}
来保存和检索数据库中的JWT时,出现了该错误。
这是我的oauth_access_token
oauth_refresh_token这是我的oauth_client_details
ResourceServerConfig我不知道我在想什么。任何帮助将不胜感激。谢谢
答案 0 :(得分:1)
检查是否在邮递员中设置了标题。 关键字:Content-Type值:application / x-www-form-urlencoded
您可能有,但没有提及。也许有帮助。
此外,我注意到您没有授予所有人获得令牌的权限。在您的AuthorizationServerConfigurerAdapter中尝试以下操作:
@Override
public void configure(
AuthorizationServerSecurityConfigurer oauthServer)
throws Exception {
oauthServer
.tokenKeyAccess("permitAll()")
.checkTokenAccess("isAuthenticated()");
}
´´´