java - Oauth2 无法请求登录
问题描述
我使用 Spring 2.3.12.RELEASE 和 Hoxton.SR11 作为云版本。我正在使用的依赖项是 spring-cloud-starter-oauth2。
我只是配置了所有的 oauth 服务器,但是当我尝试登录时,我得到了 401 响应。我认为我错过了一些东西,但我无法修复它。
这是代码:AuthoritationServerConfig
@RefreshScope
@Configuration
@EnableAuthorizationServer
public class AuthoritationServerConfig extends AuthorizationServerConfigurerAdapter {
@Autowired
private Environment env;
@Autowired
private BCryptPasswordEncoder passwordEncoder;
@Autowired
private AuthenticationManager authenticacionManager;
@Autowired
private InfoAdicionalToken infoAdicionalToken;
@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
security.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.inMemory().withClient(env.getProperty("config.security.oauth.client.id"))
.secret(passwordEncoder.encode(env.getProperty("config.security.oauth.client.secret")))
.scopes("read", "write").authorizedGrantTypes("password", "refresh_token")
.accessTokenValiditySeconds(3600)
.refreshTokenValiditySeconds(3600);
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();
tokenEnhancerChain.setTokenEnhancers(Arrays.asList(infoAdicionalToken, accessTokenConverter()));
endpoints.authenticationManager(this.authenticacionManager)
.tokenStore(tokenStore())
.accessTokenConverter(accessTokenConverter()).tokenEnhancer(tokenEnhancerChain);
}
@Bean
public JwtTokenStore tokenStore() {
return new JwtTokenStore(accessTokenConverter());
}
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
JwtAccessTokenConverter tokenConverter = new JwtAccessTokenConverter();
tokenConverter.setSigningKey(env.getProperty("config.security.oauth.jwt.key"));
return tokenConverter;
}
}
SpringSecurityConfig
@Configuration
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
UserDetailsService usuarioService;
@Bean
public BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Override
@Autowired
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(this.usuarioService).passwordEncoder(passwordEncoder());
}
@Override
@Bean
protected AuthenticationManager authenticationManager() throws Exception {
return super.authenticationManager();
}
}
资源服务器配置
@RefreshScope
@Configuration
@EnableResourceServer
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
@Value("${config.security.oauth.jwt.key}")
private String jwtKey;
@Override
public void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/api/security/oauth/**").permitAll();
}
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
resources.tokenStore(tokenStore());
}
@Bean
public JwtTokenStore tokenStore() {
return new JwtTokenStore(accessTokenConverter());
}
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
JwtAccessTokenConverter tokenConverter = new JwtAccessTokenConverter();
tokenConverter.setSigningKey(jwtKey);
return tokenConverter;
}
Zuul 应用程序属性
zuul.routes.security.service-id=servicio-oauth
zuul.routes.security.path=/api/security/**
zuul.routes.security.sensitive-headers=Cookie,Set-Cookie
这是请求的捕获:
请求标头:
响应标头:
先感谢您。
解决方案
推荐阅读
- r - 等价于 R 中用于蒙特卡罗模拟的 Stata 命令“模拟”
- tfs - 在 azure devops 中成功完成发布后如何触发构建?
- android - android ConstraintLayout Flow:从右到左对齐项目
- android - How to go to a position with view pager 2 that uses paging 3 to load data?
- python - 在列表中的数据框中查找日期,按 ID 分组
- javascript - 如何使用下面的 HTML 结构创建悬停时出现的叠加层?
- python - 展平 json 对象
- python - Glob没有获取文件?
- c# - 将 SSL 证书与 Fleck Websockets 一起使用
- reactjs - 计数器编号不变(React JS)