我设置如下 Spring 配置:
@EnableAuthorizationServer
@EnableWebSecurity
@Configuration
public class Oauth2Provider extends WebSecurityConfigurerAdapter implements
AuthorizationServerConfigurer {
/*
* @Autowired private TokenStore tokenStore;
*/
@Configuration
protected static class AuthenticationConfiguration extends
GlobalAuthenticationConfigurerAdapter {
@Override
public void init(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().withUser("user").password("password")
.roles("USER").and().withUser("admin").password("password")
.roles("USER", "ADMIN");
}
}
@Override
public void configure(AuthorizationServerSecurityConfigurer security)
throws Exception {
// TODO Auto-generated method stub
security.allowFormAuthenticationForClients();
}
@Override
public void configure(ClientDetailsServiceConfigurer clients)
throws Exception {
// TODO Auto-generated method stub
clients.inMemory()
.withClient("my-trusted-client")
.authorizedGrantTypes("password", "authorization_code", "refresh_token", "implicit")
.authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT", "ROLE_ANONYMOUS")
.scopes("read", "write", "trust")
.secret("secret")
.accessTokenValiditySeconds(60);
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints)
throws Exception {
// TODO Auto-generated method stub
}
}
Maven 设置如下:
<dependency>
<groupId>org.springframework.security.oauth</groupId>
<artifactId>spring-security-oauth2</artifactId>
<version>2.0.5.RELEASE</version>
</dependency>
我访问:http://localhost:8080/oauth/token http://localhost:8080/oauth/token有效载荷
grant_type=密码&密码=密码&用户名=用户&范围=读取&client_id=我的可信客户端&client_secret=秘密
但我收到以下错误:
{
error: "unsupported_grant_type"
error_description: "Unsupported grant type: password"
}
要使用密码授予,您需要向授权服务器提供身份验证管理器(在示例中带有 TODO 的空方法中),以便它可以对用户进行身份验证。如果它是 Spring Boot 应用程序,那么总会有一个AuthenticationManager
可以成为@Autowired
.
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)