Spring Boot application returns 401 with Keycloak

Time: 2020-04-18 20:16:20

Tags: spring-boot maven keycloak

I created a realm named MyRealm. When I send a request via Postman to the URL http://localhost:8080/auth/realms/MyRealm/protocol/openid-connect/token with the parameters

{
    "client_id": "slicer-cfs",
    "username": "niko",
    "password": "123",
    "grant_type": "password"
}

I get the response

{
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSlUIiwia2lkIiA6ICJwNDBMV2tsc0VaYl9sM2VIUFZxTldZc0FuLU5PaGFOS1FiWmV5UHFROVkwIn0-792LqWkpbFr80EGXbi8GljZle_qY-X7bShEb3sZSWTBopPKCOI_QAG6G1ee9XvrDDu3_VcM9eC_CLq36ses64q3gJ-sjtdd1RJDXpzhhY0edLNWeE4d5sE_BrENx-LUQbYMv8Rg22UyeqrMtAj3LbbjEhM_ARMHEMZnEsxjNR7NPGIq2E8DTcBo0hl1DcTgUaJGaBe2x2EPIX8y5xIY9qEFpYhErNTbdUPqlMsPxCVf4zTf3RLaZPsDkiSKc_xGkVoVV-M7gCSpvQzzZAK4GKh0L2Wu9g57Q6S6j_eL3UbkPQ",
"expires_in": 3600,
"refresh_expires_in": 1800,
"refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI3ZGFjMDFiYy05MTc5LTQwYmItYjc1YS1iNTljMWM1MmFlNzAifQ..j5SCcQSuwpB5rNPnpRYbVOHehGhnYU3ETyEKmkDf8G4",
"token_type": "bearer",
"not-before-policy": 0,
"session_state": "32721d7d-cdec-4ade-8e9d-17ed003822db",
"scope": "profile user email"

}

So I have the scope user in Keycloak. Here is my Java configuration:

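import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.cors()
                .and()
                .authorizeRequests()
                // GET on these paths requires the SCOPE_user authority
                .antMatchers(HttpMethod.GET, "/user/info", "/api/foos/**")
                .hasAuthority("SCOPE_user")
                // every other request only needs a valid token
                .anyRequest()
                .authenticated()
                .and()
                // validate bearer tokens as JWTs
                .oauth2ResourceServer()
                .jwt();
    }

}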

Here is the controller:

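import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping(value = "/api/foos")
public class FooController {

    @CrossOrigin(origins = "http://localhost:4200")
    @GetMapping(value = "/{id}")
    public ResponseEntity<Long> findOne(@PathVariable Long id) {
        return new ResponseEntity<>(999L, HttpStatus.OK);
    }
}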

Here is application.yml:

server:
  port: 9999
  servlet:
    context-path: /slicer-cfs

spring:
  security:
    oauth2:
      resourceserver:
        jwt:
          issuer-uri: http://localhost:8080/auth/realms/MyRealm
          jwk-set-uri: http://localhost:8080/auth/realms/MyRealm/protocol/openid-connect/certs

After obtaining the access token, I copy and paste it into Postman and get a 401. Please help me.

0 answers:

No answers
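
A claims-level check for the setup in the question, as an added example that is not part of the original post: it decodes a bearer token and reports which status a Spring Security JWT resource server would be expected to give for it, separating token problems (401) from a missing authority (403). The names `predict_status` and `sample_token` are hypothetical, the sample token and clock value are constructed, and the code assumes Spring Security's defaults (exact `iss` match against `issuer-uri`, 60-second clock skew, a space-delimited `scope` string mapped to `SCOPE_` authorities) without verifying the signature.

```python
import base64
import json
import time


def _claims(segment):
    """Decode a base64url JWT segment (padding restored) into a dict."""
    obj = json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))
    if not isinstance(obj, dict):
        raise ValueError("JWT payload must be a JSON object")
    return obj


def predict_status(token, issuer_uri, required_authority, now=None, skew=60):
    """Return (status, reason) for a bearer token, from its claims alone.
    The signature is NOT verified. Token problems map to 401, a missing
    authority to 403."""
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3 or not all(parts):
        return 401, "not header.payload.signature; token may be cut off"
    try:
        claims = _claims(parts[1])
    except ValueError:
        return 401, "payload is not base64url-encoded JSON"
    if claims.get("iss") != issuer_uri:
        return 401, "iss %r differs from issuer-uri" % claims.get("iss")
    exp = claims.get("exp")
    if isinstance(exp, (int, float)) and exp + skew < now:
        return 401, "token expired"
    # Assumed default mapping: each scope becomes a SCOPE_-prefixed authority.
    authorities = {"SCOPE_" + s for s in str(claims.get("scope", "")).split()}
    if required_authority not in authorities:
        return 403, "authorities %s lack %s" % (sorted(authorities), required_authority)
    return 200, "claims pass the issuer, expiry and scope checks"


def sample_token(claims):
    """Build an unsigned sample token (constructed data, placeholder signature)."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc(claims), "c2ln"])


ISSUER = "http://localhost:8080/auth/realms/MyRealm"  # issuer-uri from application.yml
NOW = 1587240000  # constructed clock value
if __name__ == "__main__":
    tok = sample_token({"iss": ISSUER, "exp": NOW + 3600, "scope": "profile user email"})
    print(predict_status(tok, ISSUER, "SCOPE_user", now=NOW))
```

A 401 from this check points at the token itself (shape, issuer, expiry), while a 403 means the token was accepted but lacks the authority the `antMatchers` rule requires.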