oauth-2.0 - Spring boot OAuth2在尝试使用访问令牌获取资源时获得访问被拒绝异常
问题描述
我正在尝试实现 oauth2 spring boot 应用程序。我使用 /token API 获得了访问令牌和刷新令牌。但是,当我尝试使用访问令牌作为承载令牌访问我的其余 API 时,我收到拒绝访问错误。
这是我的代码
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
@Autowired
@Qualifier("authenticationManagerBean")
private AuthenticationManager authenticationManager;
@Autowired
private MyUserDetailsService myUserDetailsService;
@Autowired
private DataSource dataSource;
@Autowired
private OAuth2ClientDetailsService oAuth2ClientDetailsService;
@Override
public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
oauthServer.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
}
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.withClientDetails(oAuth2ClientDetailsService);
}
@Override
public void configure(final AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.tokenStore(tokenStore()).authenticationManager(authenticationManager).accessTokenConverter(defaultAccessTokenConverter())
.userDetailsService(myUserDetailsService);
}
@Bean
public TokenStore tokenStore(){
return new JwtTokenStore(defaultAccessTokenConverter());
}
@Bean
public JwtAccessTokenConverter defaultAccessTokenConverter() {
JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
converter.setSigningKey("123");
return converter;
}
}
@Configuration
@EnableResourceServer
public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {
private static final String RESOURCE_ID = "resource-server-rest-api";
@Override
public void configure(ResourceServerSecurityConfigurer resources) {
resources.resourceId(RESOURCE_ID);
}
@Override
public void configure(HttpSecurity http) throws Exception {
http.antMatcher("/**").authorizeRequests().anyRequest().authenticated();
}
}
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(securedEnabled = true)
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
private DataSource dataSource;
@Autowired
private MyUserDetailsService myUserDetailsService;
/*@Bean
public TokenStore tokenStore() {
return new JdbcTokenStore(dataSource);
}*/
@Bean
public TokenStore tokenStore() {
return new InMemoryTokenStore();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and().authorizeRequests().antMatchers("/oauth/token")
.permitAll().anyRequest().authenticated();
}
/*@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authenticationProvider());
}
@Bean
public DaoAuthenticationProvider authenticationProvider() {
DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
provider.setUserDetailsService(myUserDetailsService);
return provider;
}*/
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/device_registration");
}
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(myUserDetailsService);
}
/*@Autowired // here is configuration related to spring boot basic authentication
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication() // static users
.withUser("dummy_user").password("password").roles("USER").and().withUser("dummy_user1")
.password("password").roles("USER");
}*/
}
我正在使用 oauth2
<dependency>
<groupId>org.springframework.security.oauth</groupId>
<artifactId>spring-security-oauth2</artifactId>
<version>2.3.5.RELenter code hereEASE</version>
</dependency>**
解决方案
推荐阅读
- javascript - 如何将数据从路由传递到 pug 文件
- php - 将单个字符串拆分为多个分隔符上的数组
- c++ - C++:尝试在单个 for 循环中使用 getlline() 填充多个向量时,向量下标超出范围
- javascript - Discord.js - 尝试等待异步进程并允许递归调用包装器
- windows - 如何在 aws cloud vm 中的 windows server 2016 中运行 linux 容器
- javascript - 如何通过点击 JavaScript 输入文本字段内的十字按钮来刷新我的实时搜索?
- php - 我们如何嵌入 TripAdvisor 评论?
- python - 树莓派:使用 Sense Hat 传感器,如何检测加速度?
- android - 在 CameraImage 流中使用 websocket 时,相机渲染缓慢
- pyspark - Pyspark Phoenix 集成在 oozie 工作流程中失败