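Trying to use grails-spring-security-oauth2-provider 2.2.4 in Grails. The authorization flow is working, but when resubmitting the code to get a token (via /myapp/oauth/token), I expect ClientCredentialsTokenEndpointFilter to authenticate the POST request, but it doesn't. I do see it in the filter chain.
grails-spring-security-oauth2-provider ClientCredentials filter not handling /oauth/token
Also, will it use the ID/secret of the client I defined in Config.groovy? It seems to try my DaoAuthenticationProvider first, fail, and go straight to the exception filter (and redirect to the login endpoint).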
DEBUG web.FilterChainProxy - /oauth/token at position 5 of 11 in additional filter chain; firing Filter: 'RequestHolderAuthenticationFilter'
DEBUG web.FilterChainProxy - /oauth/token at position 6 of 11 in additional filter chain; firing Filter: 'ClientCredentialsTokenEndpointFilter'
DEBUG web.FilterChainProxy - /oauth/token at position 7 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
My configuration:
oauthProvider {
    clients = [
        [
            clientId:"test",
            clientSecret:"testSecret",
            authorizedGrantTypes:["authorization_code"],
            registeredRedirectUri:["http://myapp/other/"]
        ]
    ]
    providerNames = [
        'samlAuthenticationProvider',
        'daoAuthenticationProvider',
        'anonymousAuthenticationProvider',
        'rememberMeAuthenticationProvider',
        'clientCredentialsAuthenticationProvider']
...
'/oauth/authorize.dispatch':['IS_AUTHENTICATED_REMEMBERED'],
'/oauth/token.dispatch':['IS_AUTHENTICATED_REMEMBERED'],
URL POST:
http://localhost:8080/myapp/oauth/token
grant_type=authorization_code
client_id=test
client_secret=testSecret
code=<the code I got from authorization>
redirect_uri=http:localhost:8080//myapp/other"
Is the order of the provider names correct? Order matters, and according to the documentation clientCredentialsAuthenticationProvider must be first.