Spring Boot oauth:不支持的授权类型
Posted
技术标签:
【中文标题】Spring Boot oauth:不支持的授权类型【英文标题】:Spring boot oauth: unsupported grant type 【发布时间】:2019-02-11 03:03:41 【问题描述】:请帮助我...不受支持的赠款类型让我发疯.. 我的 Spring Boot 设置如下所示。
@Configuration
@EnableAuthorizationServer
public class AuthServerConfig extends AuthorizationServerConfigurerAdapter
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception
// TODO Auto-generated method stub
super.configure(endpoints);
@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception
// TODO Auto-generated method stub
security
/*.tokenKeyAccess("permitAll()")*/
.checkTokenAccess("isAuthenticated()");
@Bean
public TokenStore tokenStore()
return new JwtTokenStore(jwtAccessTokenConverter());
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter()
return new JwtAccessTokenConverter();
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception
// TODO Auto-generated method stub
clients.inMemory()
.withClient("foo")
.secret("noopbar")
.authorizedGrantTypes("password", "authorization_code", "refresh_token","client_credentials")
.authorities("ROLE_CLIENT","ROLE_TRUSTED_CLIENT")
.scopes("read", "write","trust","openid")
.accessTokenValiditySeconds(120).//Access token is only valid for 2 minutes.
refreshTokenValiditySeconds(600);//Refresh token is only valid for 10 minutes.
这是邮递员测试的结果,总是返回不受支持的授权类型“密码”
enter image description here
enter image description here
【问题讨论】:
【参考方案1】:如果您使用 grant_type="password",您必须:
在你自己的WebSecurityConfigurerAdapter类中创建下面的bean
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception
return super.authenticationManagerBean();
将其注入AuthorizationServerConfigurerAdapter 类
@Autowired
private AuthenticationManager authenticationManager;
在configure(AuthorizationServerEndpointsConfigurer endpoints)方法中使用它
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints)
endpoints.authenticationManager(authenticationManager);
完整示例:
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception
return super.authenticationManagerBean();
@Bean
@Override
protected UserDetailsService userDetailsService()
InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
manager.createUser(User.withUsername("a").password("123456").authorities("USER").build());
return manager;
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter
private AuthenticationManager authenticationManager;
@Autowired
public AuthorizationServerConfig(AuthenticationManager authenticationManager)
this.authenticationManager = authenticationManager;
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints)
endpoints.authenticationManager(authenticationManager);
@Override
public void configure(AuthorizationServerSecurityConfigurer security)
security.tokenKeyAccess("permitAll()")
.checkTokenAccess("isAuthenticated()")
.allowFormAuthenticationForClients();
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception
clients.inMemory()
.withClient("CLIEN_ID").secret("CLIENT_SECRET")
.authorizedGrantTypes("password", "refresh_token")
.authorities("CLIENT")
.scopes("read");
测试:
curl -i -X POST -d "username=a&password=123456&grant_type=password&client_id=CLIENT_ID&client_secret=CLIENT_SECRET" http://localhost:8080/oauth/token
【讨论】:
【参考方案2】:假设输入的用户是有效的,除了用户名、密码和授权类型之外,您能否尝试发送客户端 ID 和客户端密码参数。
curl http://host:port/oauth/token -d grant_type=password -d username=user -d password=password -d client_id=client -d client_secret=secret
【讨论】:
以上是关于Spring Boot oauth:不支持的授权类型的主要内容,如果未能解决你的问题,请参考以下文章
Spring Boot Security OAuth2 实现支持JWT令牌的授权服务器
Spring Boot Oauth2 授权服务器不接受有效令牌
Spring Boot 2 OAuth2 资源服务器不访问授权服务器进行访问令牌验证