2016-10-26 3 views

Spring을 처음 사용합니다. OAuth2와 Spring Security를 사용하고 싶습니다. OAuth2 Spring 구현

package demo; 

import org.springframework.beans.factory.annotation.Autowired; 
import org.springframework.boot.SpringApplication; 
import org.springframework.boot.autoconfigure.SpringBootApplication; 
import org.springframework.context.annotation.Configuration; 
import org.springframework.security.authentication.AuthenticationManager; 
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; 
import org.springframework.security.config.annotation.authentication.configurers.GlobalAuthenticationConfigurerAdapter; 
import org.springframework.security.config.annotation.web.builders.HttpSecurity; 
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; 
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; 
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; 
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; 
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter; 
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; 
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer; 
import org.springframework.security.web.util.matcher.AntPathRequestMatcher; 
import org.springframework.security.web.util.matcher.OrRequestMatcher; 
import org.springframework.web.bind.annotation.RequestMapping; 
import org.springframework.web.bind.annotation.RestController; 

/**
 * Demo Spring Boot application that acts as a REST controller, an OAuth2 resource
 * server and an OAuth2 authorization server at the same time. All OAuth2 clients
 * and all users are registered in memory by the nested configuration classes.
 *
 * NOTE(review): every credential in this class (the client secret and both user
 * passwords) is a hard-coded literal. Outside a local demo these belong in
 * externalized configuration and should be stored hashed.
 */
@SpringBootApplication 
@RestController 
public class Application { 

    /**
     * Starts the Spring Boot application.
     *
     * @param args command-line arguments passed through to Spring Boot
     */
    public static void main(String[] args) { 
     SpringApplication.run(Application.class, args); 
    } 

    /**
     * Handles requests to "/". The ResourceServer configuration below makes this
     * path require an OAuth2 access token carrying the 'read' scope.
     *
     * @return the fixed greeting "Hello World"
     */
    @RequestMapping("/") 
    public String home() { 
     return "Hello World"; 
    } 

    /**
     * Resource-server side: decides which requests need an OAuth2 access token
     * and which resource id those tokens must have been issued for.
     */
    @Configuration 
    @EnableResourceServer 
    protected static class ResourceServer extends ResourceServerConfigurerAdapter { 

     /**
      * Limits this security chain to "/" and "/admin/beans" and requires the
      * OAuth2 scope 'read' for every request that matches.
      *
      * Requests to any other path are not matched by this chain; whatever other
      * security configuration is active decides about them.
      * NOTE(review): confirm that no sensitive path is left outside these two
      * matchers.
      *
      * @param http the HttpSecurity builder for the resource server
      * @throws Exception if the security configuration cannot be built
      */
     @Override 
     public void configure(HttpSecurity http) throws Exception { 
      http 

        // Only these two paths are handled by the resource-server chain.
        .requestMatcher(new OrRequestMatcher(
          new AntPathRequestMatcher("/"), 
          new AntPathRequestMatcher("/admin/beans") 
        )) 
        .authorizeRequests() 
        // Scope check only: a token without 'read' is refused.
        .anyRequest().access("#oauth2.hasScope('read')"); 

     } 

     /**
      * Sets the resource id of this resource server to "id". Each client
      * registered in OAuth2Config lists the same value in resourceIds("id").
      *
      * @param resources the resource-server configurer
      * @throws Exception if the configuration fails
      */
     @Override 
     public void configure(ResourceServerSecurityConfigurer resources) 
       throws Exception { 
      resources.resourceId("id"); 
     } 
    } 

    /**
     * Authorization-server side: registers the OAuth2 clients and wires the user
     * AuthenticationManager into the token endpoint.
     */
    @Configuration 
    @EnableAuthorizationServer 
    protected static class OAuth2Config extends AuthorizationServerConfigurerAdapter { 

     // Injected by Spring; presumably the manager built from
     // AuthenticationConfiguration below - confirm.
     @Autowired 
     private AuthenticationManager authenticationManager; 

     /**
      * Gives the authorization-server endpoints the injected
      * AuthenticationManager. In Spring Security OAuth, supplying an
      * AuthenticationManager here is what switches on the "password" grant, so
      * username/password sent to the token endpoint are checked against it.
      *
      * @param endpoints the authorization-server endpoints configurer
      * @throws Exception if the configuration fails
      */
     @Override 
     public void configure(AuthorizationServerEndpointsConfigurer endpoints) 
       throws Exception { 
      endpoints.authenticationManager(authenticationManager); 
     } 

     /**
      * Registers three in-memory OAuth2 clients, all bound to resource id "id".
      *
      * A client authenticates to the token endpoint with its own client id and
      * secret; the end user's username and password are separate request
      * parameters of the password grant. Only "my-client-with-secret" has a
      * secret configured here.
      *
      * @param clients the client-details configurer
      * @throws Exception if the client registrations cannot be built
      */
     @Override 
     public void configure(ClientDetailsServiceConfigurer clients) throws Exception { 

      // Client 1: four grant types, three scopes, access tokens valid for 60 s.
      // NOTE(review): no .secret(...) is set, so this client has no credential of
      // its own although it may use the password and refresh_token grants -
      // confirm that is intended. The "password" and "implicit" grants are
      // discouraged by current OAuth 2.0 security guidance; prefer
      // authorization_code for new designs.
      clients.inMemory().withClient("my-trusted-client") 
        .authorizedGrantTypes("password", "authorization_code", 
            "refresh_token", "implicit") 
        .authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT") 
        .scopes("read", "write", "trust").resourceIds("id") 
        .accessTokenValiditySeconds(60).and() 
        // Client 2: authorization_code only, with one registered redirect URI.
        // NOTE(review): the URI is a plain-http placeholder host; a real
        // registration should be an exact https URI of the client. No secret is
        // set for this client either.
        .withClient("my-client-with-registered-redirect") 
        .authorizedGrantTypes("authorization_code") 
        .authorities("ROLE_CLIENT") 
        .scopes("read", "trust").resourceIds("id") 
        .redirectUris("http://anywhere?key=value").and() 
        // Client 3: password grant only; the one client that has a secret.
        // NOTE(review): the secret is the literal "secret", hard-coded in source.
        .withClient("my-client-with-secret") 
        .authorizedGrantTypes("password") 
        .authorities("ROLE_CLIENT").scopes("read", "write") 
        .resourceIds("id") 
        .secret("secret"); 
     } 
    } 

    /**
     * Defines the end users the application can authenticate, held in memory.
     */
    @Configuration 
    protected static class AuthenticationConfiguration extends 
           GlobalAuthenticationConfigurerAdapter { 

     /**
      * Registers two in-memory users, "user" and "admin", both with the password
      * "password" and the single role USER.
      *
      * NOTE(review): "admin" receives exactly the same role as "user"; confirm
      * whether an additional role was intended.
      * NOTE(review): the passwords are plain-text literals and no
      * PasswordEncoder is configured in this block; Spring Security 5 and later
      * reject that without an encoder or an {id} prefix - confirm the version
      * in use.
      *
      * @param auth the global AuthenticationManagerBuilder
      * @throws Exception if the users cannot be registered
      */
     @Override 
     public void init(AuthenticationManagerBuilder auth) throws Exception { 
      auth.inMemoryAuthentication().withUser("user").password("password") 
        .roles("USER").and().withUser("admin").password("password") 
        .roles("USER"); 
     } 
    } 
} 

이것이 제 애플리케이션입니다. 패스워드 그랜트(password grant) 인증을 사용하고 싶습니다. 그런데 안타깝게도 다음 명령을 실행하면

curl -u my-client-with-secret: http://localhost:8080/oauth/token -d grant_type=password&username=user&password=password&client_id=my-trusted-client&client_secret=secret 

응답은 다음과 같습니다

{"timestamp":1477484999849,"status":401,"error":"Unauthorized","message":"Bad credentials","path":"/oauth/token"} 

당신은이 문제를 좀 도와 줄래?

답변


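요청을 조금 변경해야 합니다. 요청 URL 앞부분에 클라이언트의 자격 증명을 넣고, 사용자 자격 증명은 매개 변수로 추가하십시오. 질문의 명령은 `-u my-client-with-secret:`로 클라이언트 시크릿을 비운 채 보내고, 따옴표 없는 `&` 때문에 셸이 명령을 잘라 `grant_type=password`만 전송하므로 클라이언트 인증 단계에서 401 "Bad credentials"가 반환됩니다.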

curl my-client-with-secret:secret@localhost:8080/oauth/token -d grant_type=password -d username=user -d password=password 