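I have two microservices: the first is for OAuth2 and the second is for the API. When I log in from the browser, everything works fine: authorization passes and the redirect to my API works. But when I try to do this via Postman (REST), I can't access the API.

OAuth2 server: source code of the OAuth2 microservice, which acts as both the OAuth2 server and a resource server: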
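
    // AuthServerConfig.java
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.authentication.AuthenticationManager;
    import org.springframework.security.core.userdetails.UserDetailsService;
    import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
    import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
    import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
    import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
    import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
    import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
    import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;

    @Configuration
    @EnableAuthorizationServer
    @EnableResourceServer
    public class AuthServerConfig extends AuthorizationServerConfigurerAdapter {

        @Autowired
        private UserDetailsService userDetailsService;

        @Autowired
        private BCryptPasswordEncoder passwordEncoder;

        @Autowired
        private AuthenticationManager authenticationManager;

        // /oauth/token_key is open to everyone; /oauth/check_token requires authentication
        @Override
        public void configure(final AuthorizationServerSecurityConfigurer oauthServer) {
            oauthServer.tokenKeyAccess("permitAll()")
                .checkTokenAccess("isAuthenticated()");
        }

        // Supplying the AuthenticationManager enables the password grant
        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
            endpoints
                .authenticationManager(authenticationManager)
                .userDetailsService(userDetailsService);
        }

        // Single in-memory client; the secret is stored BCrypt-encoded
        @Override
        public void configure(final ClientDetailsServiceConfigurer clients) throws Exception {
            clients.inMemory()
                .withClient("SampleClientId")
                .secret(passwordEncoder.encode("secret"))
                .authorizedGrantTypes("authorization_code", "password", "client_credentials")
                .scopes("user_info")
                .autoApprove(true)
                .accessTokenValiditySeconds(3600);
        }
    }

    // SecurityConfig.java
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.core.annotation.Order;
    import org.springframework.security.authentication.AuthenticationManager;
    import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
    import org.springframework.security.core.userdetails.UserDetailsService;
    import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

    @Configuration
    @Order(1)
    public class SecurityConfig extends WebSecurityConfigurerAdapter {

        @Autowired
        public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
            auth.userDetailsService(userDetailsServiceBean()).passwordEncoder(passwordEncoder());
        }

        // Exposes the UserDetailsService as a bean so AuthServerConfig can inject it
        @Override
        @Bean(name = "userDetailsService")
        public UserDetailsService userDetailsServiceBean()
                throws Exception {
            return super.userDetailsServiceBean();
        }

        // Exposes the AuthenticationManager as a bean so AuthServerConfig can inject it
        @Override
        @Bean
        public AuthenticationManager authenticationManagerBean() throws Exception {
            return super.authenticationManagerBean();
        }

        // This filter chain only matches /login and /oauth/authorize (form login)
        @Override
        protected void configure(HttpSecurity http) throws Exception { // @formatter:off
            http.requestMatchers()
                .antMatchers("/login", "/oauth/authorize")
                .and()
                .authorizeRequests()
                .anyRequest()
                .authenticated()
                .and()
                .formLogin()
                .permitAll()
                .and().csrf().disable();
        } // @formatter:on

        // Single in-memory user with a BCrypt-encoded password
        @Override
        protected void configure(AuthenticationManagerBuilder auth) throws Exception {
            auth.inMemoryAuthentication()
                .withUser("john")
                .password(passwordEncoder().encode("123"))
                .roles("USER");
        }

        @Bean
        public BCryptPasswordEncoder passwordEncoder() {
            return new BCryptPasswordEncoder();
        }
    }

    // UserController.java (OAuth2 server)
    import java.security.Principal;
    import org.springframework.web.bind.annotation.RequestMapping;
    import org.springframework.web.bind.annotation.RestController;

    @RestController
    public class UserController {

        // User-info endpoint: returns the authenticated principal
        @RequestMapping("/user/me")
        public Principal user(Principal principal) {
            System.out.println(principal);
            return principal;
        }
    }
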
Client SSO: source code of the client microservice, which uses the authorization server to authenticate:
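
    // UiSecurityConfig.java
    import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

    @Configuration
    @EnableOAuth2Sso
    @EnableWebSecurity
    public class UiSecurityConfig extends WebSecurityConfigurerAdapter {

        // Everything except /login** requires authentication; HTTP Basic is disabled
        @Override
        public void configure(HttpSecurity http) throws Exception {
            http.antMatcher("/**")
                .authorizeRequests()
                .antMatchers("/login**")
                .permitAll()
                .anyRequest()
                .authenticated()
                .and()
                .logout().permitAll()
                .and()
                .httpBasic().disable();
        }
    }

    // UserController.java (client)
    import org.springframework.web.bind.annotation.RequestMapping;
    import org.springframework.web.bind.annotation.ResponseBody;
    import org.springframework.web.bind.annotation.RestController;

    @RestController
    public class UserController {

        @RequestMapping("/test")
        @ResponseBody
        public String user() {
            return "hiii";
        }
    }
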
    server:
      port: 8082
    security:
      oauth2:
        client:
          clientId: SampleClientId
          clientSecret: secret
          accessTokenUri: http://localhost:8080/oauth/token
          userAuthorizationUri: http://localhost:8080/oauth/authorize
        resource:
          userInfoUri: http://localhost:8080/user/me