我的应用程序中出现错误“未经授权”的问题。我正在使用 Spring Security 和 oauth2。我的客户和用户存储在数据库中。当我开始使用数据库中的客户端时,PostMan 中出现错误 401。客户端正在保存在数据库中,但是当我想从 localhost:8080/oauth/token 获取令牌访问权限时仍然出现错误。以下是我的来源:
授权服务器配置:
公共类 AuthorizationServerConfig 扩展 AuthorizationServerConfigurerAdapter {
@Autowired
private AuthenticationManager authenticationManager;
@Autowired
private TokenStore tokenStore;
private CustomClientDetailsService customClientDetailsService;
@Bean
PasswordEncoder passwordEncoder() {
return PasswordEncoderFactories.createDelegatingPasswordEncoder();
}
@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
security.tokenKeyAccess("permitAll()")
.checkTokenAccess("isAuthenticated()");
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.withClientDetails(customClientDetailsService);
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints
.tokenStore(tokenStore)
.authenticationManager(authenticationManager);
}
}
这是我的 CustomClientDetails :
公共类 CustomClientDetails 实现 ClientDetails {
final static Logger log = LoggerFactory.getLogger(CustomClientDetailsService.class);
private static final long serialVersionUID = 6602529451366778198L;
private Clients clients;
public CustomClientDetails(final Clients clients){
this.clients = clients;
}
@Override
public String getClientId() {
return clients.getClientId();
}
@Override
public Set<String> getResourceIds() {
final Set<String> resourcesIds = new HashSet<String>();
resourcesIds.add(clients.getResourceIds());
return resourcesIds;
}
@Override
public boolean isSecretRequired() {
return true;
}
@Override
public String getClientSecret() {
return clients.getClientSecret();
}
@Override
public boolean isScoped() {
return true;
}
@Override
public Set<String> getScope() {
final Set<String> scopes = new HashSet<String>();
scopes.add(clients.getScope());
return scopes;
}
慕后森
摇曳的蔷薇
相关分类