1. 首頁
  2. 問答
  3. 如何使用OAuth2RestTemplate + Spring 4?

如何使用OAuth2RestTemplate + Spring 4?

2016-08-02 78 views
3

我想了解如何使用OAuth2RestTemplate對象來使用我的OAuth2安全REST服務(該服務正在不同的項目下運行,並讓我們假設也在不同的服務器上等)...如何使用OAuth2RestTemplate + Spring 4?

f.e.我的休息服務是:

https://localhost:8443/rest/api/user

- >訪問這個URL生成,因爲我沒有通過認證

要請求令牌我會去的錯誤:

https://localhost:8443/rest/oauth/token?grant_type=password&client_id=test&client_secret=test&username=USERNAME & password = PASSW ORD

我接收令牌然後我可以通過使用下面的URL連接到REST API後(例如令牌插入)

https://localhost:8443/rest/api/user?access_token=

我目前試圖具有以下目的的東西:

@EnableOAuth2Client 
@Configuration 
class MyConfig { 

    @Value("${oauth.resource:https://localhost:8443}") 
    private String baseUrl; 
    @Value("${oauth.authorize:https://localhost:8443/rest/oauth/authorize}") 
    private String authorizeUrl; 
    @Value("${oauth.token:https://localhost:8443/rest/oauth/token}") 
    private String tokenUrl; 

    @Bean 
    protected OAuth2ProtectedResourceDetails resource() { 

     ResourceOwnerPasswordResourceDetails resource = new ResourceOwnerPasswordResourceDetails(); 

     List scopes = new ArrayList<String>(2); 
     scopes.add("write"); 
     scopes.add("read"); 
     resource.setAccessTokenUri(tokenUrl); 
     resource.setClientId("test"); 
     resource.setClientSecret("test"); 
     resource.setGrantType("password"); 
     resource.setScope(scopes); 

     resource.setUsername("test"); 
     resource.setPassword("test"); 

     return resource; 
    } 

    @Bean 
    public OAuth2RestOperations restTemplate() { 
     CloseableHttpClient httpClient = HttpClients.custom().setSSLHostnameVerifier(new NoopHostnameVerifier()) 
       .build(); 
     HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(); 
     requestFactory.setHttpClient(httpClient); 
     AccessTokenRequest atr = new DefaultAccessTokenRequest(); 
     OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(resource(), new DefaultOAuth2ClientContext(atr)); 
     AuthorizationCodeAccessTokenProvider provider = new AuthorizationCodeAccessTokenProvider(); 
     provider.setRequestFactory(requestFactory); 
     restTemplate.setAccessTokenProvider(provider); 
     return restTemplate; 
    } 

}

我試圖讓控制器像下面的令牌。

@Controller 
public class TestController { 

    @Autowired 
    private OAuth2RestOperations restTemplate; 

    @RequestMapping(value="/", method= RequestMethod.GET) 
    public String TestForm() { 
     System.out.println("Token : " + restTemplate.getAccessToken().getValue()); 
    } 
}

,但我得到異常

SEVERE: Servlet.service() for servlet [appServlet] in context with path [/web] threw exception [Request processing failed; nested exception is java.lang.ClassCastException: org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordResourceDetails cannot be cast to org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails] with root cause 
java.lang.ClassCastException: org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordResourceDetails cannot be cast to org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails 
    at org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider.obtainAccessToken(AuthorizationCodeAccessTokenProvider.java:190) 
    at org.springframework.security.oauth2.client.OAuth2RestTemplate.acquireAccessToken(OAuth2RestTemplate.java:221) 
    at org.springframework.security.oauth2.client.OAuth2RestTemplate.getAccessToken(OAuth2RestTemplate.java:173) 
    at com.divyshivglobalinvestor.web.controller.PersonalLoanController.PersonalLoanForm(PersonalLoanController.java:37) 
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) 
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
    at java.lang.reflect.Method.invoke(Method.java:601) 
    at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:221) 
    at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:136) 
    at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:114) 
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:827) 
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:738) 
    at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85) 
    at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:963) 
    at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:897) 
    at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) 
    at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861) 
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:624) 
    at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) 
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) 
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) 
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) 
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) 
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) 
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) 
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218) 
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) 
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505) 
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169) 
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) 
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956) 
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) 
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:442) 
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1082) 
    at org.apache.coyote.AreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) 
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) 
    at java.lang.Thread.run(Thread.java:722)bstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:623) 
    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316) 
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) 
    at java.util.concurrent.Th

下面從一些博客,我發現,如果我們需要授予密碼,然後,而不是ResourceOwnerPasswordResourceDetails,它應該被用來AccessTokenRequest(這是一個地圖,是短暫的)。如果有人能夠幫助我獲得accessToken,那將會很棒。 :)

在此先感謝!

來源

2016-08-02 Vipul Patel

回答

2

你應該restTemplate豆使用ResourceOwnerPasswordAccessTokenProvider代替AuthorizationCodeAccessTokenProvider

來源

2016-08-02 15:35:03

+0

感謝您的回覆!你能舉出任何工作的例子嗎? –

相關問題

 相關問題