Spring boot oauth: unsupported grant type

Anonymous (unverified), submitted on 2019-12-03 01:39:01

Question:

Please help me... unsupported grant type makes me crazy. My Spring Boot settings look like this.

    @Configuration
    @EnableAuthorizationServer
    public class AuthServerConfig extends AuthorizationServerConfigurerAdapter {

        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
            // TODO Auto-generated method stub
            super.configure(endpoints);
        }

        @Override
        public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
            // TODO Auto-generated method stub
            security
                /*.tokenKeyAccess("permitAll()")*/
                .checkTokenAccess("isAuthenticated()");
        }

        @Bean
        public TokenStore tokenStore() {
            return new JwtTokenStore(jwtAccessTokenConverter());
        }

        @Bean
        public JwtAccessTokenConverter jwtAccessTokenConverter() {
            return new JwtAccessTokenConverter();
        }

        @Override
        public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
            // TODO Auto-generated method stub
            clients.inMemory()
                .withClient("foo")
                .secret("{noop}bar")
                .authorizedGrantTypes("password", "authorization_code", "refresh_token", "client_credentials")
                .authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT")
                .scopes("read", "write", "trust", "openid")
                .accessTokenValiditySeconds(120)   // Access token is only valid for 2 minutes.
                .refreshTokenValiditySeconds(600); // Refresh token is only valid for 10 minutes.
        }
    }

And this is the result of the Postman test, which always returns unsupported grant type 'password'.


Answer 1:

If you are using grant_type="password", you have to:

Create the bean below in your own WebSecurityConfigurerAdapter class:

    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

Inject it into the AuthorizationServerConfigurerAdapter class:

    @Autowired
    private AuthenticationManager authenticationManager;

Use it in the configure(AuthorizationServerEndpointsConfigurer endpoints) method:

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
        endpoints.authenticationManager(authenticationManager);
    }

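Complete example:

    // WebSecurityConfig.java
    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.authentication.AuthenticationManager;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
    import org.springframework.security.core.userdetails.User;
    import org.springframework.security.core.userdetails.UserDetailsService;
    import org.springframework.security.provisioning.InMemoryUserDetailsManager;

    @Configuration
    public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

        // Exposes the AuthenticationManager as a bean so the authorization server can use it.
        @Override
        @Bean
        public AuthenticationManager authenticationManagerBean() throws Exception {
            return super.authenticationManagerBean();
        }

        @Bean
        @Override
        protected UserDetailsService userDetailsService() {
            InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
            // On Spring Security 5+, store the password as "{noop}123456" or configure a PasswordEncoder.
            manager.createUser(User.withUsername("a").password("123456").authorities("USER").build());
            return manager;
        }
    }

    // AuthorizationServerConfig.java
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.authentication.AuthenticationManager;
    import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
    import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
    import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
    import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
    import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;

    @Configuration
    @EnableAuthorizationServer
    public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

        private AuthenticationManager authenticationManager;

        @Autowired
        public AuthorizationServerConfig(AuthenticationManager authenticationManager) {
            this.authenticationManager = authenticationManager;
        }

        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
            endpoints.authenticationManager(authenticationManager);
        }

        @Override
        public void configure(AuthorizationServerSecurityConfigurer security) {
            security.tokenKeyAccess("permitAll()")
                    .checkTokenAccess("isAuthenticated()")
                    .allowFormAuthenticationForClients();
        }

        @Override
        public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
            clients.inMemory()
                    // Client id and secret must match the values sent in the token request.
                    .withClient("CLIENT_ID").secret("CLIENT_SECRET")
                    .authorizedGrantTypes("password", "refresh_token")
                    .authorities("CLIENT")
                    .scopes("read");
        }
    }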

Test:

    curl -i -X POST -d "username=a&password=123456&grant_type=password&client_id=CLIENT_ID&client_secret=CLIENT_SECRET" http://localhost:8080/oauth/token
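The curl check above can be kept as a regression test so that a missing AuthenticationManager wiring is caught at build time. This is an added example, not part of the original answer; it assumes Spring Boot 2.2+ (JUnit 5) with spring-security-test on the test classpath, the user and client values from the answer's configuration, and a hypothetical test class name. Client credentials are sent with HTTP Basic.

```java
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;

import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder;

// Assumption: user "a"/"123456" and client "CLIENT_ID"/"CLIENT_SECRET" come from the
// configuration in the answer above; the class name is hypothetical.
@SpringBootTest
@AutoConfigureMockMvc
class PasswordGrantTokenEndpointTest {

    @Autowired
    private MockMvc mockMvc;

    // Builds a password-grant request; the resource owner's credentials go in the form body.
    private MockHttpServletRequestBuilder passwordGrant(String username, String password) {
        return post("/oauth/token")
                .param("grant_type", "password")
                .param("username", username)
                .param("password", password);
    }

    @Test
    void passwordGrantIssuesTokenOnceAuthenticationManagerIsWired() throws Exception {
        mockMvc.perform(passwordGrant("a", "123456").with(httpBasic("CLIENT_ID", "CLIENT_SECRET")))
                .andExpect(status().isOk())
                .andExpect(jsonPath("$.access_token").exists());
    }

    @Test
    void wrongUserPasswordIsInvalidGrantNotUnsupportedGrantType() throws Exception {
        mockMvc.perform(passwordGrant("a", "wrong").with(httpBasic("CLIENT_ID", "CLIENT_SECRET")))
                .andExpect(status().isBadRequest())
                .andExpect(jsonPath("$.error").value("invalid_grant"));
    }

    @Test
    void requestWithoutClientCredentialsIsRejected() throws Exception {
        mockMvc.perform(passwordGrant("a", "123456"))
                .andExpect(status().isUnauthorized());
    }
}
```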


Answer 2:

Assuming the input user is valid, could you please try sending the client id and client secret params in addition to username, password and grant type?

    curl http://{host}:{port}/oauth/token -d grant_type=password -d username=user -d password=password -d client_id=client -d client_secret=secret

