Spring Boot {"error":"invalid_client","error_description":"Bad client credentials"}

Time: 2020-05-13 18:43:37

Tags: java spring spring-boot oauth-2.0 spring-oauth2

I created a small Spring Boot authorization server, but it doesn't work:

My SecurityConfig:

@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {


    @Autowired
    public void configureGlobal(final AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
                .withUser("user").password("user").roles("ROLE");
    }

    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }
}

My authorization server:

@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private AuthenticationManager authenticationManager;

    @Override
    public void configure(final AuthorizationServerEndpointsConfigurer endpoints) {
        endpoints.tokenStore(tokenStore())
                .authenticationManager(authenticationManager);
    }

    @Override
    public void configure(final ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory()
                .withClient("client")
                .secret("clientpassword")
                .scopes("read", "write")
                .authorizedGrantTypes("password")
                .accessTokenValiditySeconds(3600);
    }

    @Bean
    public TokenStore tokenStore() {
        return new InMemoryTokenStore();
    }
}

My ResourceServer:

@Configuration
@EnableResourceServer
@EnableWebSecurity
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {


    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
                .sessionManagement()
                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                .and().authorizeRequests()
                .antMatchers("/oauth/token")
                .permitAll()
                .anyRequest()
                .authenticated();
   }
}

The curl request:

curl -i -v -X POST -H 'Content-Type: application/x-www-form-urlencoded' -k http://localhost:8080/oauth/token -H 'Authorization: Basic Y2xpZW50OmNsaWVudHBhc3N3b3Jk' -d 'grant_type=password&client_id=client&user=user&password=user'

Y2xpZW50OmNsaWVudHBhc3N3b3Jk is the base64 encoding of client:clientpassword

I get this error:

Note: Unnecessary use of -X or --request, POST is already inferred.
*   Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 8080 (#0)
> POST /oauth/token HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.64.1
> Accept: */*
> Content-Type: application/x-www-form-urlencoded
> Authorization: Basic Y2xpZW50OmNsaWVudHBhc3N3b3Jk
> Content-Length: 60
> 
* upload completely sent off: 60 out of 60 bytes
< HTTP/1.1 401 
HTTP/1.1 401 
< Cache-Control: no-store
Cache-Control: no-store
< Pragma: no-cache
Pragma: no-cache
< WWW-Authenticate: Form realm="oauth2/client", error="invalid_client", error_description="Bad client credentials"
WWW-Authenticate: Form realm="oauth2/client", error="invalid_client", error_description="Bad client credentials"
< X-Content-Type-Options: nosniff
X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
X-XSS-Protection: 1; mode=block
< X-Frame-Options: DENY
X-Frame-Options: DENY
< Content-Type: application/json
Content-Type: application/json
< Transfer-Encoding: chunked
Transfer-Encoding: chunked
< Date: Wed, 13 May 2020 18:42:17 GMT
Date: Wed, 13 May 2020 18:42:17 GMT

< 
* Connection #0 to host localhost left intact
{"error":"invalid_client","error_description":"Bad client credentials"}* Closing connection 0
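
A check of the token request shown above against the wire format of RFC 6749 (section 2.3.1 for HTTP Basic client authentication, section 4.3.2 for the password grant), as an added example that is not part of the original post. The class `TokenRequestCheck` and its `check` method are hypothetical names; the header, body, client id and secret are copied from the question, and the header credentials are assumed to contain no percent-encoding.

```java
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.*;

// Added example (hypothetical class, not from the question): checks a token request
// against RFC 6749 sections 2.3.1 (client auth) and 4.3.2 (password grant).
public class TokenRequestCheck {
    static List<String> check(String authHeader, String body,
                              String clientId, String clientSecret) throws Exception {
        List<String> findings = new ArrayList<>();
        // Client authentication: "Basic " + base64(client_id ":" client_secret)
        if (!authHeader.startsWith("Basic ")) {
            findings.add("Authorization header is not HTTP Basic");
        } else {
            try {
                String decoded = new String(Base64.getDecoder()
                        .decode(authHeader.substring(6).trim()), StandardCharsets.UTF_8);
                if (!decoded.equals(clientId + ":" + clientSecret))
                    findings.add("Basic credentials differ from the registered client");
            } catch (IllegalArgumentException e) {
                findings.add("Basic credentials are not valid base64");
            }
        }
        // Form body: application/x-www-form-urlencoded key=value pairs
        Map<String, String> form = new HashMap<>();
        for (String pair : body.split("&")) {
            String[] kv = pair.split("=", 2);
            form.put(URLDecoder.decode(kv[0], "UTF-8"),
                     kv.length > 1 ? URLDecoder.decode(kv[1], "UTF-8") : "");
        }
        if (!"password".equals(form.get("grant_type")))
            findings.add("grant_type is not 'password'");
        for (String required : new String[] {"username", "password"})
            if (!form.containsKey(required))
                findings.add("missing form parameter '" + required + "'");
        if (form.containsKey("client_id") && !clientId.equals(form.get("client_id")))
            findings.add("client_id in the body differs from the registered client");
        return findings;
    }

    public static void main(String[] args) throws Exception {
        // Header and body copied from the curl command in the question
        List<String> findings = check("Basic Y2xpZW50OmNsaWVudHBhc3N3b3Jk",
                "grant_type=password&client_id=client&user=user&password=user",
                "client", "clientpassword");
        findings.forEach(f -> System.out.println("finding: " + f));
        if (findings.isEmpty()) System.out.println("no findings");
    }
}
```

The check covers only the request as sent on the wire; how the server stores and compares the client secret is outside its scope.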

0 answers:

No answers