Please help me… the unsupported grant type is driving me crazy. My Spring Boot setup looks like this:
```java
@Configuration
@EnableAuthorizationServer
public class AuthServerConfig extends AuthorizationServerConfigurerAdapter {

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        // TODO Auto-generated method stub
        super.configure(endpoints);
    }

    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        // TODO Auto-generated method stub
        security
            /*.tokenKeyAccess("permitAll()")*/
            .checkTokenAccess("isAuthenticated()");
    }

    @Bean
    public TokenStore tokenStore() {
        return new JwtTokenStore(jwtAccessTokenConverter());
    }

    @Bean
    public JwtAccessTokenConverter jwtAccessTokenConverter() {
        return new JwtAccessTokenConverter();
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        // TODO Auto-generated method stub
        clients.inMemory()
            .withClient("foo")
            .secret("{noop}bar")
            .authorizedGrantTypes("password", "authorization_code", "refresh_token", "client_credentials")
            .authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT")
            .scopes("read", "write", "trust", "openid")
            .accessTokenValiditySeconds(120)    // Access token is only valid for 2 minutes.
            .refreshTokenValiditySeconds(600);  // Refresh token is only valid for 10 minutes.
    }
}
```
This is the result of testing with Postman; it always returns unsupported grant type "password".
If you are using `grant_type="password"`, you must:

Create the following bean in your own `WebSecurityConfigurerAdapter` class:

```java
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
    return super.authenticationManagerBean();
}
```

Inject it into your `AuthorizationServerConfigurerAdapter` class:

```java
@Autowired
private AuthenticationManager authenticationManager;
```

Use it in the `configure(AuthorizationServerEndpointsConfigurer endpoints)` method:

```java
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
    endpoints.authenticationManager(authenticationManager);
}
```
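Complete example:

```java
// WebSecurityConfig.java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;

@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    // Expose the AuthenticationManager as a bean so the authorization server can use it.
    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    // In-memory resource owner that the password grant authenticates against.
    @Bean
    @Override
    protected UserDetailsService userDetailsService() {
        InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
        manager.createUser(User.withUsername("a").password("123456").authorities("USER").build());
        return manager;
    }
}
```

```java
// AuthorizationServerConfig.java
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;

@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    private AuthenticationManager authenticationManager;

    @Autowired
    public AuthorizationServerConfig(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    // Passing the AuthenticationManager to the endpoints is what enables grant_type=password.
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
        endpoints.authenticationManager(authenticationManager);
    }

    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) {
        security.tokenKeyAccess("permitAll()")
                .checkTokenAccess("isAuthenticated()")
                .allowFormAuthenticationForClients(); // accept client_id/client_secret as form parameters
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory()
                .withClient("CLIENT_ID").secret("CLIENT_SECRET") // must match the values sent in the test request
                .authorizedGrantTypes("password", "refresh_token")
                .authorities("CLIENT")
                .scopes("read");
    }
}
```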
Test:

```bash
curl -i -X POST -d "username=a&password=123456&grant_type=password&client_id=CLIENT_ID&client_secret=CLIENT_SECRET" http://localhost:8080/oauth/token
```
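The complete example above stores the user password and the client secret as bare strings, while the question's `{noop}bar` points to a Spring Security 5 setup, where the default delegating encoder expects an `{id}` prefix on stored credentials. The following is an added example, not the answer author's code: it keeps the same `AuthenticationManager` wiring and stores both credentials through a delegating `PasswordEncoder`. It assumes Spring Security 5+ with spring-security-oauth2 2.3+ and reuses the answer's sample user and client values.

```java
// Added example; assumes Spring Security 5+ and spring-security-oauth2 2.3+ (not the answer's code).
import org.springframework.context.annotation.*;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.*;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.*;
import org.springframework.security.oauth2.config.annotation.web.configurers.*;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;

@Configuration
class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    // encode() emits "{bcrypt}$2a$..."; matches() picks the algorithm from the {id} prefix.
    @Bean public PasswordEncoder passwordEncoder() {
        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
    }
    @Bean @Override public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }
    @Bean @Override protected UserDetailsService userDetailsService() {
        InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
        manager.createUser(User.withUsername("a")   // sample user from the answer
                .password(passwordEncoder().encode("123456")).authorities("USER").build());
        return manager;
    }
}

@Configuration @EnableAuthorizationServer
class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
    private final AuthenticationManager authenticationManager;
    private final PasswordEncoder encoder;
    AuthorizationServerConfig(AuthenticationManager authenticationManager, PasswordEncoder encoder) {
        this.authenticationManager = authenticationManager;
        this.encoder = encoder;
    }
    @Override public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
        endpoints.authenticationManager(authenticationManager); // enables grant_type=password
    }
    @Override public void configure(AuthorizationServerSecurityConfigurer security) {
        security.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()")
                .allowFormAuthenticationForClients().passwordEncoder(encoder); // verifies client secrets
    }
    @Override public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory().withClient("CLIENT_ID").secret(encoder.encode("CLIENT_SECRET"))
                .authorizedGrantTypes("password", "refresh_token").authorities("CLIENT").scopes("read");
    }
}
```

The curl request from the test step stays unchanged, because the raw values it submits are compared against the stored hashes by the encoder.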