JHipster OAuth 无法获取令牌 - 405 错误

Question

我正在尝试获取 OAuth2 令牌以在我的本地 JHipster 服务器上进行授权。 一切都设置正确并且工作正常，我可以通过 Web GUI 登录。 但是当我尝试通过 cURL 获取令牌时，我得到 POST method not allowed

我的 cURL 请求如下：

curl -X POST -vu client:secret http://localhost:8080/oauth/token -H "Accept: application/json" -d "username=admin&password=admin&grant_type=password&scope=read&client_id=CLIENTID&client_secret=CLIENTSECRET"

Answer 1

感谢this 的帖子，我已经测试了 JHipster UAA 以及 JHipster 版本 5。
此命令可能是一个工作示例：

curl -X POST -v http://[server-ip]:9999/oauth/token -i 
-H "Accept: application/json" 
-H "Authorization: Basic aW50ZXJuYWw6aW50ZXJuYWw=" 
-d "username=admin&password=admin&grant_type=client_credentials&scope=web-app"

重要提示：

1. 用户名和密码必须替换为您的。
2. 'clientId + ":" + clientSecret' 的 BASE64 编码值必须在标头中设置。
   在我的情况下 BASE64('internal:internal')='aW50ZXJuYWw6aW50ZXJuYWw=' https://www.base64encode.org/ 可用于对您的文本进行编码。
3. 由于您已将客户端 ID 和密码放在消息头中，因此无需在消息正文中提供。

这可能是一个示例输出：

{
"access_token" : "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZSI6WyJ3ZWItYXBwIl0sImV4cCI6MTUzNTM2ODEyNiwiaWF0IjoxNTM1MzY2MzI2LCJqdGkiOiJiYjYwMWVkYS01NjUyLTQ5OTgtYWJkNS04YzYxZjA3Y2U1ODUiLCJjbGllbnRfaWQiOiJpbnRlcm5hbCJ9.lNqpfE7N6XJVFe9t7zPbwokU_zl4AFIAmQJZ_Hb2ok0vBpWrDMf3v6KgEEi5bN2iyRd0TQBelSIJothrsYHoTk0ZaeeK9BM97OJr4Uc8kLzn2Vp-xpBk8-n2PlwAKIRojoOxMnBp0nA2qjPieaPV2Fj1HETmK2gZ38lQcZ_KJLD-ug9AT9_N1E9SwRjt1yfZtd64IJZOQGqcZ05VCAj54jxH9lyvX-_1NY2Iq2aA5-cGbOftmv0sUjF15EiTGps6YtFUrJqKs8PmDofMImyqjAwB3yNObpg7c6PbeCXWYLAir5IOFdueTys3cLLyrhE78GJ3OiKSAA128nZSeUbiAg",
"token_type" : "bearer",
"expires_in" : 1799,
"scope" : "web-app",
"iat" : 1535366326,
"jti" : "bb601eda-5652-4998-abd5-8c61f07ce585"
* Connection #0 to host [server-ip] left intact
}

Answer 2

使用默认生成的 jhipster 应用程序 (3.5.0)，这是您为管理员用户卷曲令牌的方式：

> curl -X POST -u jhipsterapp:my-secret-token-to-change-in-production -i -H 'Accept:application/json' http://localhost:8080/oauth/token -d "username=admin&password=admin&grant_type=password&scope=read%20write"

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
X-Application-Context: jhipster:swagger,dev:8080
Cache-Control: no-store
Pragma: no-cache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Fri, 22 Jul 2016 13:09:38 GMT

{
  "access_token" : "4a1ae413-5cd7-46e9-8a33-31698218d43e",
  "token_type" : "bearer",
  "refresh_token" : "537f231c-e6e0-4499-bbd8-9580eee02f79",
  "expires_in" : 1799,
  "scope" : "read write"
}

注意：这是我的 .yo-rc.json：

{
  "generator-jhipster": {
    "jhipsterVersion": "3.5.0",
    "baseName": "jhipster",
    "packageName": "com.mycompany.myapp",
    "packageFolder": "com/mycompany/myapp",
    "serverPort": "8080",
    "authenticationType": "oauth2",
    "hibernateCache": "ehcache",
    "clusteredHttpSession": "no",
    "websocket": "no",
    "databaseType": "sql",
    "devDatabaseType": "h2Disk",
    "prodDatabaseType": "mysql",
    "searchEngine": "no",
    "buildTool": "maven",
    "useSass": false,
    "applicationType": "monolith",
    "testFrameworks": [
      "gatling"
    ],
    "jhiPrefix": "jhi",
    "enableTranslation": true,
    "nativeLanguage": "en",
    "languages": [
      "en"
    ]
  }
}