
java - Oauth2 Spring 实现

转载 作者:行者123 更新时间:2023-12-01 09:19:32 25 4

我是 Spring 的新人。我想将 Oauth2 与 Spring Security 一起使用。这是我的应用程序:

package demo;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.OrRequestMatcher;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * Demo Spring Boot application that acts as REST controller, OAuth2 resource
 * server and OAuth2 authorization server in a single process.
 *
 * <p>All clients, client secrets, users and user passwords below are
 * hard-coded, in-memory sample values. They are suitable for a local demo
 * only; a real deployment would load them from a protected store and would
 * not keep them in source control.
 */
@SpringBootApplication
@RestController
public class Application {

    /**
     * Starts the Spring Boot application.
     *
     * @param args command-line arguments passed through to Spring Boot
     */
    public static void main(String[] args) {
        SpringApplication.run(Application.class, args);
    }

    /**
     * Handles requests to "/".
     *
     * @return the fixed string "Hello World"
     */
    @RequestMapping("/")
    public String home() {
        return "Hello World";
    }

    /**
     * Resource-server configuration: protects "/" and "/admin/beans" with an
     * OAuth2 scope check.
     */
    @Configuration
    @EnableResourceServer
    protected static class ResourceServer extends ResourceServerConfigurerAdapter {

        /**
         * Requires the OAuth2 scope 'read' for every request handled by this
         * filter chain.
         *
         * @param http the HTTP security builder for the resource server
         * @throws Exception if the configuration cannot be applied
         */
        @Override
        public void configure(HttpSecurity http) throws Exception {
            http

                    // This chain applies only to "/" and "/admin/beans". Any
                    // other path is NOT covered by the scope rule below and is
                    // left to whatever other security configuration the
                    // application has; verify those paths separately.
                    .requestMatcher(new OrRequestMatcher(
                            new AntPathRequestMatcher("/"),
                            new AntPathRequestMatcher("/admin/beans")
                    ))
                    .authorizeRequests()
                    // Every matched request must carry a token with scope 'read'.
                    .anyRequest().access("#oauth2.hasScope('read')");

        }

        /**
         * Sets the resource id of this resource server to "id", the same
         * value the clients below are registered with via resourceIds("id").
         *
         * @param resources the resource-server configurer
         * @throws Exception if the configuration cannot be applied
         */
        @Override
        public void configure(ResourceServerSecurityConfigurer resources)
                throws Exception {
            resources.resourceId("id");
        }
    }

    /**
     * Authorization-server configuration: token endpoint wiring and the
     * in-memory client registry.
     */
    @Configuration
    @EnableAuthorizationServer
    protected static class OAuth2Config extends AuthorizationServerConfigurerAdapter {

        // Injected by Spring; handed to the token endpoints below.
        @Autowired
        private AuthenticationManager authenticationManager;

        /**
         * Passes the injected AuthenticationManager to the authorization
         * endpoints. In Spring Security OAuth this is what lets the token
         * endpoint authenticate end users for the password grant.
         *
         * @param endpoints the endpoints configurer
         * @throws Exception if the configuration cannot be applied
         */
        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints)
                throws Exception {
            endpoints.authenticationManager(authenticationManager);
        }

        /**
         * Registers three in-memory OAuth2 clients.
         *
         * <p>Security notes for anyone adapting this sample:
         * <ul>
         *   <li>"my-trusted-client" has no secret configured here, yet it is
         *       allowed the password, authorization_code, refresh_token and
         *       implicit grants. The password and implicit grants are
         *       discouraged by the OAuth 2.0 Security Best Current Practice
         *       (RFC 9700); prefer authorization_code with PKCE.</li>
         *   <li>"my-client-with-registered-redirect" registers a plain-http
         *       placeholder redirect URI. Real clients should register
         *       exact https redirect URIs.</li>
         *   <li>"my-client-with-secret" uses the literal secret "secret",
         *       committed in source. Treat it as a demo value only.</li>
         * </ul>
         *
         * @param clients the client-details configurer
         * @throws Exception if the configuration cannot be applied
         */
        @Override
        public void configure(ClientDetailsServiceConfigurer clients) throws Exception {

            // Client 1: no secret set in this chain; four grant types enabled.
            clients.inMemory().withClient("my-trusted-client")
                    .authorizedGrantTypes("password", "authorization_code",
                            "refresh_token", "implicit")
                    .authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT")
                    .scopes("read", "write", "trust").resourceIds("id")
                    // Access tokens for this client are valid for 60 seconds.
                    .accessTokenValiditySeconds(60).and()
                    // Client 2: authorization_code only, with a registered redirect URI.
                    .withClient("my-client-with-registered-redirect")
                    .authorizedGrantTypes("authorization_code")
                    .authorities("ROLE_CLIENT")
                    .scopes("read", "trust").resourceIds("id")
                    .redirectUris("http://anywhere?key=value").and()
                    // Client 3: password grant only; authenticates with the
                    // hard-coded secret below.
                    .withClient("my-client-with-secret")
                    .authorizedGrantTypes("password")
                    .authorities("ROLE_CLIENT").scopes("read", "write")
                    .resourceIds("id")
                    .secret("secret");
        }
    }

    /**
     * Global authentication configuration: defines the end users that the
     * AuthenticationManager can authenticate.
     */
    @Configuration
    protected static class AuthenticationConfiguration extends
            GlobalAuthenticationConfigurerAdapter {

        /**
         * Registers two in-memory users, "user" and "admin", both with the
         * plain-text password "password" and the role USER.
         *
         * <p>NOTE(review): "admin" receives only the USER role, the same as
         * "user"; confirm that is intended. The passwords are stored
         * un-encoded in source; newer Spring Security versions expect a
         * PasswordEncoder for in-memory users, so verify against the version
         * in use.
         *
         * @param auth the authentication manager builder
         * @throws Exception if the configuration cannot be applied
         */
        @Override
        public void init(AuthenticationManagerBuilder auth) throws Exception {
            auth.inMemoryAuthentication().withUser("user").password("password")
                    .roles("USER").and().withUser("admin").password("password")
                    .roles("USER");
        }
    }
}

我想使用密码授予身份验证。不幸的是,当我运行这样的命令时:

curl -u my-client-with-secret: http://localhost:8080/oauth/token -d grant_type=password&username=user&password=password&client_id=my-trusted-client&client_secret=secret

响应是:

{"timestamp":1477484999849,"status":401,"error":"Unauthorized","message":"Bad credentials","path":"/oauth/token"}

你能帮我解决这个问题吗?

最佳答案

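你需要稍微修改一下 curl 请求:把客户端凭据(client id 和 secret)放在 URL 前面,作为 HTTP Basic 认证发送,并把用户凭据作为表单参数逐个用 -d 附加。原命令中 -u my-client-with-secret: 的密码部分为空,而该客户端注册的 secret 是 "secret",因此客户端认证失败并返回 401;此外,未加引号的 & 会被 shell 当作后台运行符,其后的参数不会被发送。注意:此示例通过明文 HTTP 发送客户端 secret 和用户密码,仅适合本地测试,其他环境应使用 HTTPS: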

curl my-client-with-secret:secret@localhost:8080/oauth/token -d grant_type=password -d username=user -d password=password

关于java - Oauth2 Spring 实现,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/40260082/
