Spring Authorization Server OAuth2 client credentials flow (unable to get token)

bkhjykvo posted on 2023-08-02 in Spring

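I'm trying to set up an authorization server with Spring Authorization Server and test it with Postman, but it keeps responding with 401. Attached are an image of my Postman input and an image of the console error.
Main references: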

  1. https://www.baeldung.com/spring-security-oauth-jwt
  2. Spring auth server code grant returns 401 unauthorized for endpoint /oauth2/authorize via Postman

The 2 configuration files:

DefaultSecurityConfig.java

```java
@Configuration(proxyBeanMethods = false)
public class DefaultSecurityConfig {

    // @formatter:off
    @Bean
    public SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http) throws Exception {
        http.authorizeRequests(authorizeRequests ->
                authorizeRequests.anyRequest().authenticated()
            )
            .formLogin(withDefaults());
        return http.build();
    }
    // @formatter:on

    @Bean
    public UserDetailsService users() {
        UserDetails user = User.withDefaultPasswordEncoder()
                .username("user1")
                .password("password")
                .roles("USER")
                .build();
        return new InMemoryUserDetailsManager(user);
    }
    // @formatter:on

    @Bean
    public SessionRegistry sessionRegistry() {
        return new SessionRegistryImpl();
    }

    @Bean
    public HttpSessionEventPublisher httpSessionEventPublisher() {
        return new HttpSessionEventPublisher();
    }

}
```

AuthorizationServerConfig.java

```java
@ComponentScan(basePackageClasses = AuthorizationServerConfig.class)
public class AuthorizationServerConfig {

  @Bean
  @Order(Ordered.HIGHEST_PRECEDENCE)
  public SecurityFilterChain authServerSecurityFilterChain(HttpSecurity http) throws Exception {
    OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http);
    return http.formLogin(Customizer.withDefaults()).build();
  }

  @Bean
  @ConditionalOnMissingBean
  public RegisteredClientRepository registeredClientRepository() {

    RegisteredClient codeClient = RegisteredClient.withId(UUID.randomUUID().toString())
        .clientId("code-auth-client")
        .clientSecret("abcde")
        .clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
        .clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_POST)
        .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
        .authorizationGrantType(AuthorizationGrantType.JWT_BEARER)
        .authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
        .authorizationGrantType(AuthorizationGrantType.PASSWORD)
        .redirectUri("http://127.0.0.1:8080/redirect/")
        .scope("read-access")
        .build();

    return new InMemoryRegisteredClientRepository(codeClient);
  }

}
```

vc9ivgsu1#

This is due to the default DelegatingPasswordEncoder.
Try changing

```java
.clientSecret("abcde")
```

to

```java
.clientSecret("{noop}abcde")
```

You may also need to change the user's password.
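
Added example, not part of the original question or answer: a stand-alone check of how the default DelegatingPasswordEncoder handles a stored secret with and without an `{id}` prefix, and how to produce a hashed value instead of a `{noop}` plaintext one. The class name `ClientSecretEncodingDemo` and its `check` helper are hypothetical; it assumes `spring-security-crypto` is on the classpath.

```java
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;

// Added example (not from the original post): compares how the default
// DelegatingPasswordEncoder treats stored secrets with and without an {id} prefix.
public class ClientSecretEncodingDemo {

    // Returns a description of the outcome instead of throwing,
    // so that all cases can be printed side by side.
    static String check(PasswordEncoder encoder, String presented, String stored) {
        try {
            return encoder.matches(presented, stored) ? "match" : "no match";
        } catch (IllegalArgumentException e) {
            // Raised when the stored value has no {id} prefix the encoder can map to a delegate.
            return "rejected: " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        PasswordEncoder encoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
        String presented = "abcde"; // secret sent by the client, as in the question

        // Stored exactly as in the question: no prefix, so no delegate can be selected.
        System.out.println("abcde        -> " + check(encoder, presented, "abcde"));

        // Stored as in the answer: {noop} selects a plain string comparison.
        System.out.println("{noop}abcde  -> " + check(encoder, presented, "{noop}abcde"));

        // encode() hashes with the default delegate (bcrypt) and adds the {bcrypt} prefix itself,
        // so the stored value no longer contains the secret in clear text.
        String hashed = encoder.encode(presented);
        System.out.println(hashed.substring(0, 8) + "...  -> " + check(encoder, presented, hashed));
        System.out.println("wrong secret -> " + check(encoder, "wrong", hashed));
    }
}
```

The prefixed string returned by `encode()` is in the same `{id}`-prefixed form as the `{noop}abcde` value in the answer, so it can be stored in its place.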
