【问题标题】:Spring OAuth2: How do I allow password grant type using java configuration?Spring OAuth2:如何使用 java 配置允许密码授予类型?
【发布时间】:2016-06-20 04:19:53
【问题描述】:

在我的 java 服务器应用程序中,尝试使用密码授予流程进行身份验证时出现以下错误:

TokenEndpoint - Handling error: InvalidClientException, Unauthorized grant type: password

我确实为相关用户明确允许授予:

@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
    clients.inMemory()
            .withClient("officialclient")
                .authorizedGrantTypes("authorization_code, refresh_token, password")
                .authorities("ROLE_CLIENT")
                .scopes("read", "write")
                .resourceIds(RESOURCE_ID)
                .secret("officialclientsecret")
                .redirectUris("https://www.someurl.com/")
}

我正在使用以下代码来检索访问令牌:

ResourceOwnerPasswordResourceDetails resourceDetails = new ResourceOwnerPasswordResourceDetails();
resourceDetails.setClientAuthenticationScheme(AuthenticationScheme.header);
resourceDetails.setAccessTokenUri("http://localhost:8080/organizer/oauth/token");
resourceDetails.setScope(Arrays.asList("read", "write"));
resourceDetails.setId("resource");
resourceDetails.setClientId("officialclient");
resourceDetails.setClientSecret("officialclientsecret");
resourceDetails.setUsername("Paul");
resourceDetails.setPassword("password");

OAuth2RestTemplate template = new OAuth2RestTemplate(resourceDetails, context);
return template.getAccessToken().getValue();

是否有允许密码授予类型的全局设置?

【问题讨论】:

    标签: java spring spring-security spring-oauth2


    【解决方案1】:

    你应该使用变量参数,而不是像你一样使用逗号分隔的字符串值:

    .authorizedGrantTypes("authorization_code, refresh_token, password")
    

    替换为:

    .authorizedGrantTypes("authorization_code", "refresh_token", "password")
    

    【讨论】:

      【解决方案2】:

      您需要向AuthorizationServerEndpointsConfigurer 提供AuthenticationManager。更多信息here 在授予类型下。示例:

      @Override
      public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
          endpoints.authenticationManager(authenticationManager);
      }
      

      如果你想使用spring boot提供的默认管理器进行开发,可以这样抓取bean:

      @Component
      @EnableAuthorizationServer
      public class MyAuthorizationServerConfigurer extends AuthorizationServerConfigurerAdapter {
      
      private final AuthenticationManager authenticationManager;
      
      public MyAuthorizationServerConfigurer(AuthenticationConfiguration authenticationConfiguration) throws Exception {
          this.authenticationManager = authenticationConfiguration.getAuthenticationManager();
      }   
      

      }

      【讨论】:

        猜你喜欢
        • 1970-01-01
        • 2015-05-20
        • 2018-05-26
        • 2018-09-20
        • 2015-07-18
        • 1970-01-01
        • 1970-01-01
        • 2019-01-07
        • 2017-10-08
        相关资源
        最近更新 更多