问题
I am trying to reproduce the oauth server provided here:
https://spring.io/blog/2015/02/03/sso-with-oauth2-angular-js-and-spring-security-part-v The curl call for testing this basic server should be:
curl acme:acmesecret@localhost:9999/uaa/oauth/token \
-d grant_type=authorization_code -d client_id=acme \
-d redirect_uri=http://example.com -d code=jYWioI
Though I keep getting the following error: Invalid authorization code: jYWioI
Where is this authorization code to be configured in the authorization server?
回答1:
You need to generate a new authorization code!
You can do it using the grant type authorization_code or password
Using the authorization_code:
Open your browser and to visit the authorization endpoint http://localhost:9999/uaa/oauth/authorize?response_type=code&client_id=acme&redirect_uri=http://example.com
After the login process (login: user password: password), you will be redirected to http://example.com/?code=CODE <-- this is the code that you should use in the next request
now you get the token:
curl acme:acmesecret@localhost:9999/uaa/oauth/token -d grant_type=authorization_code -d client_id=acme -d redirect_uri=http://example.com -d code=CODE
response: {"access_token":"eyJhbGciOiJS....."}
Using the password grantType:
curl acme:acmesecret@localhost:9999/uaa/oauth/token -d grant_type=password -d username=user -d password=password
response: {"access_token":"eyJhbGciOiJS....."}
I recommend you to read more about oauth grantTypes, to know what's is better for your solution https://aaronparecki.com/articles/2012/07/29/1/oauth2-simplified
来源:https://stackoverflow.com/questions/33377971/oauth2-spring-security-authorization-code