我正在尝试一个非常简单的例子:
@Configuration
@EnableAuthorizationServer
public class AuthorizationServer extends AuthorizationServerConfigurerAdapter {
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.inMemory()
.withClient("my-api").secret("{noop}secret")
.authorizedGrantTypes("client_credentials")
.scopes("resource-server-read", "resource-server-write");
}
@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
security.allowFormAuthenticationForClients().checkTokenAccess("permitAll()");
}
}
和SimpleAuthorizationServerApplication:
@RestController
@EnableResourceServer
@SpringBootApplication
public class SimpleAuthorizationServerApplication {
public static void main(String[] args) {
SpringApplication.run(SimpleAuthorizationServerApplication.class, args);
}
@RequestMapping("/validateUser")
public Principal user(Principal user) {
return user;
}
}
…然后是资源(在同一应用程序的另一个模块中):
@RestController
public class MyController {
@GetMapping("hello/world")
public String helloWorld() {
return "helloWorld";
}
}
,
@EnableResourceServer
@SpringBootApplication
public class Application implements WebMvcConfigurer {
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
}
虽然我确实从http://localhost:7070/oauth/token:
得到了这个令牌{
"access_token": "05a0adeb-751d-4b4b-a9f5-177e82ac9826",
"token_type": "bearer",
"expires_in": 42167,
"scope": "resource-server-read resource-server-write"
}
使用授权承载令牌调用资源http://localhost:8080/hello/world时,我得到
{
"error": "invalid_token",
"error_description": "Invalid access token: 05a0adeb-751d-4b4b-a9f5-177e82ac9826"
}
My pom dependencies:
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.1.4.RELEASE</version>
</parent>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security.oauth</groupId>
<artifactId>spring-security-oauth2</artifactId>
<version>2.3.3.RELEASE</version>
</dependency>
应用程序。资源端Yml:
security:
oauth2:
resource:
userInfoUri: http://localhost:7070/oauth/validateUser
似乎有些东西配置错误,但我不知道是什么,因此我需要帮助。
你需要设置这个:
security.oauth2.resource.userInfoUri=http://localhost:7070/oauth/...