1. 首頁
  2. 問答
  3. 如何設置令牌的資源ID?

如何設置令牌的資源ID?

2015-02-24 71 views
2

我試圖實現一個RESTful Web服務與使用OAuth本指南:https://spring.io/guides/tutorials/bookmarks如何設置令牌的資源ID?

我可以成功地檢索令牌:

curl -v -u android-bookmarks:123456 -X POST http://localhost:8080/oauth/token -H "Accept: application/json" -d "password=password&username=User1&grant_type=password&scope=write&client_secret=12345&client_id=android-bookmarks"

響應:

{"access_token":"cdafc45f-924a-4f87-8bd0-e3e2bdffa540","token_type":"bearer","refresh_token":"609efba8-edd3-4ea3-be7b-78e449cec0ef","expires_in":43199,"scope":"write"}* Connection #0 to host localhost left intact

當我嘗試訪問該資源:

curl -G http://localhost:8080/bookmarks -H "Authorization: Bearer cdafc45f-924a-4f87-8bd0-e3e2bdffa540"

我得到如下回應:

{"error":"access_denied","error_description":"Invalid token does not contain resource id (oauth2-resource)"}

的Java類設置資源ID:

@Configuration 
@EnableResourceServer 
@EnableAuthorizationServer 
public class OAuth2Configuration extends AuthorizationServerConfigurerAdapter { 

    public static final String RESOURCE_ID = "bookmarks"; 

    @Autowired 
    AuthenticationManagerBuilder authenticationManager; 

    @Override 
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) 
     throws Exception { 
    endpoints.authenticationManager(new AuthenticationManager() { 
     @Override 
     public Authentication authenticate(Authentication authentication) 
       throws AuthenticationException { 
      return authenticationManager.getOrBuild().authenticate(
        authentication); 
      } 
     }); 
    } 

    @Override 
    public void configure(ClientDetailsServiceConfigurer clients) 
     throws Exception { 

     clients.inMemory() 
      .withClient("android-" + RESOURCE_ID) 
      .authorizedGrantTypes("password", "authorization_code", "refresh_token") 
      .authorities("ROLE_USER") 
      .scopes("write") 
      .secret("123456") 
      .resourceIds(RESOURCE_ID); 
    } 

}

當我更改此代碼:

clients.inMemory() 
     .withClient("android-" + applicationName) 
     .authorizedGrantTypes("password", "authorization_code", "refresh_token") 
     .authorities("ROLE_USER") 
     .scopes("write") 
     .secret("123456");

我可以用訪問資源先前提到(捲曲)命令成功。

來源

2015-02-24 Steve S.

回答

16

原來,我不得不實現接口ResourceServerConfigurerAdapter。以下實現完美工作:

@Configuration 
@EnableResourceServer 
public class ResourceServer extends ResourceServerConfigurerAdapter{ 

    @Override 
    public void configure(HttpSecurity http) throws Exception { 
     // @formatter:off 
     http 
     .requestMatchers().antMatchers("/bookmarks", "/bookmarks/**")  
     .and() 
     .authorizeRequests().anyRequest().access("#oauth2.hasScope('write')"); 
     // @formatter:on 
    } 

    @Override 
    public void configure(ResourceServerSecurityConfigurer resources) throws Exception { 
     resources.resourceId(OAuth2Configuration.RESOURCE_ID); 
    } 

}

來源

2015-02-25 08:46:52

+0

我在關注[本教程](https://medium.com/@nydiarra/secure-a-spring-boot-rest-api-with-json-web-令牌引用給角度積分-e57a25806c50)(見[我的問題](https://stackoverflow.com/questions/47054496/spring-oauth2-invalid-token-does-not-contain-resource-id-oauth2 -resource))。我複製粘貼這個答案,現在它的作品 - 你能解釋*爲什麼*?我沒有得到它,因爲我認爲我在'AuthorizationServerConfig.java'中執行了這個操作(請參閱教程)。 – displayname 2017-11-01 12:33:27

相關問題

 相關問題