問題備忘:Spring Cloud OAuth2.0 開發過程當中碰到的問題

問題: Spring Security – There is no PasswordEncoder mapped for the id 「null」

解決方法一: 問題解決:blog.csdn.net/Hello_World…spring

解決方法二: 由於5.x版本新增了多種密碼加密方式,必須指定一種,好比這樣解決json

@Bean
 public static NoOpPasswordEncoder passwordEncoder() {
   return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance();
 }
複製代碼

問題2:調用接口/com-oauth/oauth/check_token失敗

返回錯誤碼:bash

{
  "timestamp": "2019-07-10T02:57:43.818+0000",
  "status": 403,
  "error": "Forbidden",
  "message": "Forbidden",
  "path": "/com-oauth/oauth/check_token"
}
複製代碼

解決方法一: 設置 security.tokenKeyAccess("permitAll()").checkTokenAccess("permitAll()");app

@Configuration
@EnableAuthorizationServer
public class OAuth2AuthorizationServer extends AuthorizationServerConfigurerAdapter {

    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        super.configure(security);
        security.tokenKeyAccess("permitAll()").checkTokenAccess("permitAll()");
    }
}
複製代碼

問題3: 在使用密碼模式時,拋出異常:o.s.s.o.provider.endpoint.TokenEndpoint : Handling error: UnsupportedGrantTypeException, Unsupported grant type: password

解決方法:配置AuthenticationManagercurl

@Configuration
@EnableAuthorizationServer
public class OAuth2AuthorizationServer extends AuthorizationServerConfigurerAdapter {


   // 用戶認證
   @Autowired
   private AuthenticationManager authenticationManager;

   @Override
   public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
       super.configure(endpoints);
       // 密碼模式必須有這個參數
       endpoints.authenticationManager(authenticationManager);
   }
}
複製代碼

問題4:Field authenticationManager in cn.springcloud.book.OAuthConfiguration required a bean of type 'org.springframework.security.authentication.AuthenticationManager' that could not be found

解決方法: 集成WebSecurityConfigurerAdapter 類,並重寫方法authenticationManager(),使用 @Bean註解標記ide

@ComponentScan
@Configuration
public class MyWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {

    @Bean(name = BeanIds.AUTHENTICATION_MANAGER)
    @Override
    protected AuthenticationManager authenticationManager() throws Exception {
        return super.authenticationManager();
    }
}
複製代碼

問題5: 在passwod模式下,執行刷新token時,拋出異常Handling error: IllegalStateException, UserDetailsService is required.

執行如下命令,拋出異常Handling error: IllegalStateException, UserDetailsService is requiredui

curl -i -X POST -u 'clientapp2:112233'  http://10.216.33.211:10808/com-oauth/oauth/token -H "accept: application/json" -d 'grant_type=refresh_token&refresh_token=b610dfa9-2ee4-4214-bc57-f6b2937d4b27'
複製代碼

解決方法: 在AuthorizationServerConfigurerAdapter 中配置UserDetailsService對象加密

@Configuration
@EnableAuthorizationServer
public class OAuth2AuthorizationServer extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private MyUserDetailsService myUserDetailsService;

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        // 執行token刷新須要帶上此參數
        endpoints.userDetailsService(myUserDetailsService);
    }
}
複製代碼

問題6:不支持form表單提交

執行命令:url

curl -X POST "http://10.216.33.211:10808/com-oauth/oauth/token" -d "grant_type=client_credentials&scope=read_contacts&client_id=clientapp&client_secret=112233"
複製代碼

返回錯誤:spa

{"timestamp":"2019-07-11T02:27:29.962+0000","status":401,"error":"Unauthorized","message":"Unauthorized","path":"/com-oauth/oauth/token"} 
複製代碼

解決方法: 支持Form表達提交: security.allowFormAuthenticationForClients();

@Configuration
@EnableAuthorizationServer
public class OAuth2AuthorizationServer extends AuthorizationServerConfigurerAdapter {

    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        super.configure(security);
        security.tokenKeyAccess("permitAll()").checkTokenAccess("permitAll()");
        //容許表單認證
        security.allowFormAuthenticationForClients();
    }

 
}
複製代碼

執行命令:

curl -X POST "http://10.216.33.211:10808/com-oauth/oauth/token" -d "grant_type=client_credentials&scope=read_contacts&client_id=clientapp&client_secret=112233"
複製代碼

返回正常結果:

{"access_token":"35ae4576-f7b3-480e-aeff-eee7ea2ce803","token_type":"bearer","refresh_token":"0493963a-22f5-4cff-8b50-3cc5da3577a6","expires_in":197,"scope":"read_contacts"}
複製代碼
相關文章
相關標籤/搜索