【发布时间】:2021-05-23 19:49:35
【问题描述】:
我需要使用 Maven 实现客户端 Java 应用程序,该应用程序从资源服务器发出请求。为了授权请求,必须在请求的标头中提供不记名令牌。要获得令牌,必须先完成另一个请求。服务器为我提供了发出令牌请求所需的所有参数:client_id、client_secret、用户名、密码等。令牌请求的 grant_type 是“密码”。
服务器基于 GraphQL,因此我使用以下 Maven 插件来生成执行 GraphQL 查询的 Java 类: https://github.com/graphql-java-generator/graphql-maven-plugin-project
他们提供了有关如何“访问 OAuth2 GraphQL 服务器”的教程: https://graphql-maven-plugin-project.graphql-java-generator.com/client_oauth2.html
正如他们在教程中提到的,为了连接到 OAuth 服务器,我必须使用 Spring。本教程解释了如何访问使用“client_credentials”授权类型的服务器。我不熟悉spring和spring-security,所以我没有设法将我的Spring客户端配置为'password'授权类型(我所做的只是在application.properties中将grant_type从'client_credentials'更改为'password') .需要在哪里配置用户名和密码?我需要做哪些额外的配置?没有春天有没有办法做到这一点?我想要获得的是从授权服务器请求令牌并(在后台)将令牌添加到资源请求的方式。
以下是我遵循教程的一段代码:
@SpringBootApplication(scanBasePackageClasses = { MinimalSpringApp.class, GraphQLConfiguration.class})
public class MinimalSpringApp implements CommandLineRunner
{
/**
* The executor, that allows to execute GraphQL queries. The class name is the one defined in the GraphQL schema.
*/
@Autowired
QueryExecutor queryExecutor;
public static void main( String[] args )
{
SpringApplication.run( MinimalSpringApp.class, args );
}
/**
* This method is started by Spring, once the Spring context has been loaded. This is run, as this class implements
* {@link CommandLineRunner}
*/
@Override
public void run( String... args ) throws Exception
{
// Create query
GraphQLRequest softwareTechnologyRequest = queryExecutor.getSoftwareTechnologyGraphQLRequest( "{ id name }" );
SoftwareTechnologyFilter filter = new SoftwareTechnologyFilter();
// Execute query
List<SoftwareTechnology> technologies =
queryExecutor.softwareTechnology( softwareTechnologyRequest, filter, 0, "", 1000, "", 0,
Collections.emptyList() );
System.out.println( technologies );
}
@Bean
ServerOAuth2AuthorizedClientExchangeFilterFunction serverOAuth2AuthorizedClientExchangeFilterFunction(
ReactiveClientRegistrationRepository clientRegistrations) {
ServerOAuth2AuthorizedClientExchangeFilterFunction oauth = new ServerOAuth2AuthorizedClientExchangeFilterFunction(
clientRegistrations, new UnAuthenticatedServerOAuth2AuthorizedClientRepository());
oauth.setDefaultClientRegistrationId("provider_test");
return oauth;
}
当我运行应用程序时,它会抛出由“401 Unauthorized from POST”引起的 IllegalStateException。
【问题讨论】:
标签: java spring-boot maven oauth-2.0 graphql