我试图在 spring-boot 中将资源服务器与授权服务器分开。我有两个单独运行的不同应用程序。在授权服务器中,我可以从 oauth/token 获取不记名令牌,但是当我尝试访问资源(在标头中发送令牌)时,我收到无效令牌错误。我的目的是使用 InMemoryTokenStore 和不记名令牌。谁能告诉我我的代码有什么问题吗?
授权服务器:
@SpringBootApplication
public class AuthorizationServer extends WebMvcConfigurerAdapter {
public static void main(String[] args) {
SpringApplication.run(AuthorizationServer.class, args);
}
@Configuration
@EnableAuthorizationServer
protected static class OAuth2Config extends AuthorizationServerConfigurerAdapter {
private TokenStore tokenStore = new InMemoryTokenStore();
@Autowired
private AuthenticationManager authenticationManager;
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints
.authenticationManager(authenticationManager)
.tokenStore(tokenStore);
}
@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
security.checkTokenAccess("hasAuthority('ROLE_USER')");
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients
.inMemory()
.withClient("user")
.secret("password")
.authorities("ROLE_USER")
.authorizedGrantTypes("password")
.scopes("read", "write")
.accessTokenValiditySeconds(1800);
}
}
资源服务器:
@SpringBootApplication
@RestController
@EnableOAuth2Resource
@EnableWebSecurity
@Configuration
public class ResourceServer extends WebSecurityConfigurerAdapter {
public static void main(String[] args){
SpringApplication.run(ResourceServer.class, args);
}
@RequestMapping("/")
public String home(){
return "Hello Resource World!";
}
@Bean
public ResourceServerTokenServices tokenService() {
RemoteTokenServices tokenServices = new RemoteTokenServices();
tokenServices.setClientId("user");
tokenServices.setClientSecret("password");
tokenServices.setTokenName("tokenName");
tokenServices.setCheckTokenEndpointUrl("http://localhost:8080/oauth/check_token");
return tokenServices;
}
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
OAuth2AuthenticationManager authenticationManager = new OAuth2AuthenticationManager();
authenticationManager.setTokenServices(tokenService());
return authenticationManager;
}
@Configuration
@EnableResourceServer
protected static class ResourceServerConfig extends ResourceServerConfigurerAdapter {
@Override
public void configure(HttpSecurity http) throws Exception {
http
.requestMatchers()
.antMatchers("/","/home")
.and()
.authorizeRequests()
.anyRequest().access("#oauth2.hasScope('read')");
}
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
TokenStore tokenStore = new InMemoryTokenStore();
resources.resourceId("Resource Server");
resources.tokenStore(tokenStore);
}
}
您已经创建了 2 个实例InMemoryTokenStore
。如果您想在身份验证服务器和资源服务器之间共享令牌,它们需要相同的存储。
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)