81,095
社区成员
发帖
与我相关
我的任务
分享spring security oautho2 调用/oauth/token返回异常 求大佬支援
Pom文件
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:oauth2="http://www.springframework.org/schema/security/oauth2"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.2.xsd
http://www.springframework.org/schema/security/oauth2
http://www.springframework.org/schema/security/spring-security-oauth2.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd">
<mvc:annotation-driven/>
<mvc:default-servlet-handler/>
<!-- <bean id="connectionFactory" class="org.springframework.data.redis.connection.jedis.JedisConnectionFactory">
<property name="hostName" value="r-bp167af60211f0b4.redis.rds.aliyuncs.com"/>
<property name="port" value="6379"/>
<property name="password" value="Lgeek1111"/>
</bean>
<bean id="tokenStore" class="org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore">
<constructor-arg ref="connectionFactory"/>
</bean> -->
<bean id="tokenStore" class="org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore"/>
<!-- This is where we defined token based configurations, token validity
and other things -->
<bean id="tokenServices"
class="org.springframework.security.oauth2.provider.token.DefaultTokenServices">
<property name="tokenStore" ref="tokenStore" />
<property name="supportRefreshToken" value="true" />
<property name="accessTokenValiditySeconds" value="864000" />
<property name="clientDetailsService" ref="clientDetails" />
</bean>
<bean id="requestFactory" class="org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory">
<constructor-arg ref="clientDetails"></constructor-arg>
</bean>
<bean id="userApprovalHandler"
class="org.springframework.security.oauth2.provider.approval.TokenStoreUserApprovalHandler">
<property name="tokenStore" ref="tokenStore"></property>
<property name="clientDetailsService" ref="clientDetails"></property>
<property name="requestFactory" ref="requestFactory"></property>
</bean>
<oauth2:authorization-server
client-details-service-ref="clientDetails"
token-services-ref="tokenServices"
user-approval-handler-ref="userApprovalHandler"
check-token-enabled="true">
<oauth2:authorization-code />
<oauth2:implicit />
<oauth2:refresh-token />
<oauth2:client-credentials />
<oauth2:password disabled="false" />
</oauth2:authorization-server>
<oauth2:resource-server id="myResource"
resource-id="myResourceId" token-services-ref="tokenServices" />
<bean id="oauthAuthenticationEntryPoint"
class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
<property name="realmName" value="myResourceId" />
</bean>
<bean id="clientAuthenticationEntryPoint"
class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
</bean>
<bean id="oauthAccessDeniedHandler" class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler" />
<bean id="clientCredentialsTokenEndpointFilter"
class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
<property name="authenticationManager" ref="clientAuthenticationManager" />
</bean>
<bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased">
<constructor-arg>
<list>
<bean class="org.springframework.security.oauth2.provider.vote.ScopeVoter" />
<bean class="org.springframework.security.access.vote.RoleVoter" />
<bean class="org.springframework.security.access.vote.AuthenticatedVoter" />
</list>
</constructor-arg>
</bean>
<authentication-manager id="clientAuthenticationManager"
xmlns="http://www.springframework.org/schema/security">
<authentication-provider user-service-ref="clientDetailsUserService" />
</authentication-manager>
<authentication-manager id="authenticationManager"
xmlns="http://www.springframework.org/schema/security">
<authentication-provider ref="userAuthenticationProvider"/>
</authentication-manager>
<bean id="userAuthenticationProvider" class="com.lgeek.common.security.UserAuthenticationProvider">
</bean>
<bean id="clientDetailsUserService"
class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
<constructor-arg ref="clientDetails" />
</bean>
<oauth2:client-details-service id="clientDetails">
<!-- client -->
<oauth2:client client-id="2f7dd7c7-7bd9-433e-868a-88a072d75aa0"
authorized-grant-types="authorization_code,client_credentials,password"
scope="read,write,trust" secret="6dd6d33ac23400fe4bd9ffb447d5bf82"/>
<oauth2:client client-id="2247171e1358457bbc180e766b7a7baf" resource-ids="myResourceId"
authorized-grant-types="password,authorization_code,refresh_token,implicit"
secret="AB7ACF7CB266DC2921220FB20C2C5004" authorities="ROLE_APP" scope="read,write,trust"/>
<oauth2:client client-id="tonr"
authorized-grant-types="password,authorization_code,refresh_token,implicit"
secret="secret" authorities="ROLE_APP" scope="read,write,trust"/>
</oauth2:client-details-service>
<!-- This is not actually used, but it's required by Spring Security -->
<security:authentication-manager alias="authenticationManager" />
<security:global-method-security pre-post-annotations="enabled" proxy-target-class="true">
<security:expression-handler ref="oauthExpressionHandler" />
</security:global-method-security>
<oauth2:expression-handler id="oauthExpressionHandler" />
<oauth2:web-expression-handler id="oauthWebExpressionHandler" />
<http pattern="/oauth/token" create-session="stateless"
authentication-manager-ref="clientAuthenticationManager"
entry-point-ref="clientAuthenticationEntryPoint"
xmlns="http://www.springframework.org/schema/security">
<intercept-url pattern="/oauth/token" access="IS_AUTHENTICATED_FULLY" />
<anonymous enabled="false" />
<http-basic entry-point-ref="clientAuthenticationEntryPoint" />
<custom-filter ref="clientCredentialsTokenEndpointFilter"
before="BASIC_AUTH_FILTER" />
<access-denied-handler ref="oauthAccessDeniedHandler" />
</http>
<http pattern="/api/monit" create-session="stateless" security="none"
xmlns="http://www.springframework.org/schema/security"/>
<http pattern="/swagger-ui.html" create-session="stateless" security="none"
xmlns="http://www.springframework.org/schema/security"/>
<security:http pattern="/api-v1/**" create-session="never"
entry-point-ref="oauthAuthenticationEntryPoint" access-decision-manager-ref="accessDecisionManager">
<security:anonymous enabled="false" />
<security:form-login login-page="/login" password-parameter="password" username-parameter="username"/>
<security:intercept-url pattern="/test"></security:intercept-url>
<security:intercept-url pattern="/oauth/authorize" access="ROLE_USER" />
<security:intercept-url pattern="/oauth/check_token" access="ROLE_USER"/>
<security:intercept-url pattern="/oauth/token_key" access="ROLE_USER"/>
<security:intercept-url pattern="/resources/**" access="ROLE_USER"/>
<security:custom-filter ref="myResource" before="PRE_AUTH_FILTER" />
<security:access-denied-handler ref="oauthAccessDeniedHandler" />
<security:expression-handler ref="oauthWebExpressionHandler" />
</security:http>
<!-- <http pattern="/api/v1/**" create-session="stateless" security="none"
xmlns="http://www.springframework.org/schema/security"/> -->
<http pattern="/pebble-api/v1/**" create-session="stateless" security="none"
xmlns="http://www.springframework.org/schema/security"/>
<http pattern="/apartment-api/v1/**" create-session="stateless" security="none"
xmlns="http://www.springframework.org/schema/security"/>
<!--<http pattern="/api/v2/**" create-session="stateless" security="none"-->
<!--xmlns="http://www.springframework.org/schema/security"/>-->
<security:http pattern="/api/v2/**" create-session="never"
entry-point-ref="oauthAuthenticationEntryPoint" access-decision-manager-ref="accessDecisionManager">
<security:anonymous enabled="false" />
<security:intercept-url pattern="/**" access="SCOPE_READ" method="GET" />
<security:intercept-url pattern="/**" access="SCOPE_READ" method="HEAD" />
<security:intercept-url pattern="/**" access="SCOPE_READ" method="OPTIONS" />
<security:intercept-url pattern="/**" access="SCOPE_WRITE" method="PUT" />
<security:intercept-url pattern="/**" access="SCOPE_WRITE" method="POST" />
<security:intercept-url pattern="/**" access="SCOPE_WRITE" method="DELETE" />
<security:custom-filter ref="myResource" before="PRE_AUTH_FILTER" />
<security:access-denied-handler ref="oauthAccessDeniedHandler" />
<security:expression-handler ref="oauthWebExpressionHandler" />
</security:http>
</beans>
POST请求
http://localhost:8080/smartcare/oauth/token?grant_type=password&client_id=2247171e1358457bbc180e766b7a7baf&client_secret=AB7ACF7CB266DC2921220FB20C2C5004&username=13148464079&password=12345678
下面是返回值
{
"error": "unauthorized",
"error_description": "No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken"
}
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:oauth2="http://www.springframework.org/schema/security/oauth2"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.2.xsd
http://www.springframework.org/schema/security/oauth2
http://www.springframework.org/schema/security/spring-security-oauth2.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd">
<mvc:annotation-driven/>
<mvc:default-servlet-handler/>
<!-- <bean id="connectionFactory" class="org.springframework.data.redis.connection.jedis.JedisConnectionFactory">
<property name="hostName" value="r-bp167af60211f0b4.redis.rds.aliyuncs.com"/>
<property name="port" value="6379"/>
<property name="password" value="Lgeek1111"/>
</bean>
<bean id="tokenStore" class="org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore">
<constructor-arg ref="connectionFactory"/>
</bean> -->
<bean id="tokenStore" class="org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore"/>
<!-- This is where we defined token based configurations, token validity
and other things -->
<bean id="tokenServices"
class="org.springframework.security.oauth2.provider.token.DefaultTokenServices">
<property name="tokenStore" ref="tokenStore" />
<property name="supportRefreshToken" value="true" />
<property name="accessTokenValiditySeconds" value="864000" />
<property name="clientDetailsService" ref="clientDetails" />
</bean>
<bean id="requestFactory" class="org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory">
<constructor-arg ref="clientDetails"></constructor-arg>
</bean>
<bean id="userApprovalHandler"
class="org.springframework.security.oauth2.provider.approval.TokenStoreUserApprovalHandler">
<property name="tokenStore" ref="tokenStore"></property>
<property name="clientDetailsService" ref="clientDetails"></property>
<property name="requestFactory" ref="requestFactory"></property>
</bean>
<oauth2:authorization-server
client-details-service-ref="clientDetails"
token-services-ref="tokenServices"
user-approval-handler-ref="userApprovalHandler"
check-token-enabled="true">
<oauth2:authorization-code />
<oauth2:implicit />
<oauth2:refresh-token />
<oauth2:client-credentials />
<oauth2:password disabled="false" />
</oauth2:authorization-server>
<oauth2:resource-server id="myResource"
resource-id="myResourceId" token-services-ref="tokenServices" />
<bean id="oauthAuthenticationEntryPoint"
class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
<property name="realmName" value="myResourceId" />
</bean>
<bean id="clientAuthenticationEntryPoint"
class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
</bean>
<bean id="oauthAccessDeniedHandler" class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler" />
<bean id="clientCredentialsTokenEndpointFilter"
class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
<property name="authenticationManager" ref="clientAuthenticationManager" />
</bean>
<bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased">
<constructor-arg>
<list>
<bean class="org.springframework.security.oauth2.provider.vote.ScopeVoter" />
<bean class="org.springframework.security.access.vote.RoleVoter" />
<bean class="org.springframework.security.access.vote.AuthenticatedVoter" />
</list>
</constructor-arg>
</bean>
<authentication-manager id="clientAuthenticationManager"
xmlns="http://www.springframework.org/schema/security">
<authentication-provider user-service-ref="clientDetailsUserService" />
</authentication-manager>
<authentication-manager id="authenticationManager"
xmlns="http://www.springframework.org/schema/security">
<authentication-provider ref="userAuthenticationProvider"/>
</authentication-manager>
<bean id="userAuthenticationProvider" class="com.lgeek.common.security.UserAuthenticationProvider">
</bean>
<bean id="clientDetailsUserService"
class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
<constructor-arg ref="clientDetails" />
</bean>
<oauth2:client-details-service id="clientDetails">
<!-- client -->
<oauth2:client client-id="2f7dd7c7-7bd9-433e-868a-88a072d75aa0"
authorized-grant-types="authorization_code,client_credentials,password"
scope="read,write,trust" secret="6dd6d33ac23400fe4bd9ffb447d5bf82"/>
<oauth2:client client-id="2247171e1358457bbc180e766b7a7baf" resource-ids="myResourceId"
authorized-grant-types="password,authorization_code,refresh_token,implicit"
secret="AB7ACF7CB266DC2921220FB20C2C5004" authorities="ROLE_APP" scope="read,write,trust"/>
<oauth2:client client-id="tonr"
authorized-grant-types="password,authorization_code,refresh_token,implicit"
secret="secret" authorities="ROLE_APP" scope="read,write,trust"/>
</oauth2:client-details-service>
<!-- This is not actually used, but it's required by Spring Security -->
<security:authentication-manager alias="authenticationManager" />
<security:global-method-security pre-post-annotations="enabled" proxy-target-class="true">
<security:expression-handler ref="oauthExpressionHandler" />
</security:global-method-security>
<oauth2:expression-handler id="oauthExpressionHandler" />
<oauth2:web-expression-handler id="oauthWebExpressionHandler" />
<http pattern="/oauth/token" create-session="stateless"
authentication-manager-ref="clientAuthenticationManager"
entry-point-ref="clientAuthenticationEntryPoint"
xmlns="http://www.springframework.org/schema/security">
<intercept-url pattern="/oauth/token" access="IS_AUTHENTICATED_FULLY" />
<anonymous enabled="false" />
<http-basic entry-point-ref="clientAuthenticationEntryPoint" />
<custom-filter ref="clientCredentialsTokenEndpointFilter"
before="BASIC_AUTH_FILTER" />
<access-denied-handler ref="oauthAccessDeniedHandler" />
</http>
<http pattern="/api/monit" create-session="stateless" security="none"
xmlns="http://www.springframework.org/schema/security"/>
<http pattern="/swagger-ui.html" create-session="stateless" security="none"
xmlns="http://www.springframework.org/schema/security"/>
<security:http pattern="/api-v1/**" create-session="never"
entry-point-ref="oauthAuthenticationEntryPoint" access-decision-manager-ref="accessDecisionManager">
<security:anonymous enabled="false" />
<security:form-login login-page="/login" password-parameter="password" username-parameter="username"/>
<security:intercept-url pattern="/test"></security:intercept-url>
<security:intercept-url pattern="/oauth/authorize" access="ROLE_USER" />
<security:intercept-url pattern="/oauth/check_token" access="ROLE_USER"/>
<security:intercept-url pattern="/oauth/token_key" access="ROLE_USER"/>
<security:intercept-url pattern="/resources/**" access="ROLE_USER"/>
<security:custom-filter ref="myResource" before="PRE_AUTH_FILTER" />
<security:access-denied-handler ref="oauthAccessDeniedHandler" />
<security:expression-handler ref="oauthWebExpressionHandler" />
</security:http>
<!-- <http pattern="/api/v1/**" create-session="stateless" security="none"
xmlns="http://www.springframework.org/schema/security"/> -->
<http pattern="/pebble-api/v1/**" create-session="stateless" security="none"
xmlns="http://www.springframework.org/schema/security"/>
<http pattern="/apartment-api/v1/**" create-session="stateless" security="none"
xmlns="http://www.springframework.org/schema/security"/>
<!--<http pattern="/api/v2/**" create-session="stateless" security="none"-->
<!--xmlns="http://www.springframework.org/schema/security"/>-->
<security:http pattern="/api/v2/**" create-session="never"
entry-point-ref="oauthAuthenticationEntryPoint" access-decision-manager-ref="accessDecisionManager">
<security:anonymous enabled="false" />
<security:intercept-url pattern="/**" access="SCOPE_READ" method="GET" />
<security:intercept-url pattern="/**" access="SCOPE_READ" method="HEAD" />
<security:intercept-url pattern="/**" access="SCOPE_READ" method="OPTIONS" />
<security:intercept-url pattern="/**" access="SCOPE_WRITE" method="PUT" />
<security:intercept-url pattern="/**" access="SCOPE_WRITE" method="POST" />
<security:intercept-url pattern="/**" access="SCOPE_WRITE" method="DELETE" />
<security:custom-filter ref="myResource" before="PRE_AUTH_FILTER" />
<security:access-denied-handler ref="oauthAccessDeniedHandler" />
<security:expression-handler ref="oauthWebExpressionHandler" />
</security:http>
</beans>
POST请求
http://localhost:8080/smartcare/oauth/token?grant_type=password&client_id=2247171e1358457bbc180e766b7a7baf&client_secret=AB7ACF7CB266DC2921220FB20C2C5004&username=13148464079&password=12345678
下面是返回值
{
"error": "unauthorized",
"error_description": "No AuthenticationProvider found for org.springframework.security.authentication.UsernamePasswordAuthenticationToken"
}
...全文
请发表友善的回复…
发表回复
