热门标签
热门文章
- 1OpenVINO™赋能千元级AI开发板大语言模型_intel openvino如何结合软件
- 2springboot 配置方式_${jdbc.username}
- 3解析Spark Executor内幕,详解CoarseGrainedExecutorBackend
- 4vuex全面用法总结详解_vuex用法
- 5前端之HTML&CSS_html&css前端
- 6【MAC】M2 安装docker 与 mysql
- 7如果看待HarmonyOS鸿蒙开闭源的抉择_harmonyos是闭源还是开源
- 8【并发专题】手写MyReentantLock_手写 reentrantlock
- 9[UIScreen mainScreen].bounds.size.width 和self.view.frame.size.width的区别
- 10中国计算机学会推荐国际学术刊物
当前位置: article > 正文
Spring Cloud OAuth2中访问/oauth/token报Unsupported grant type: password问题的解决_unsupported_grant_type
作者:知新_RL | 2024-03-21 01:00:58
赞
踩
unsupported_grant_type
问题分析
在新建的Spring Cloud OAuth2项目中使用grant_type为password方式访问时报Unsupported grant type: password。在postman中如下图:
{
"error": "unsupported_grant_type",
"error_description": "Unsupported grant type: password"
}
- 1
- 2
- 3
- 4
如下图:
java后台报错如下:
2021-01-16 17:02:53.936 WARN 9132 --- [nio-5002-exec-2] o.s.s.o.provider.endpoint.TokenEndpoint : Handling error: UnsupportedGrantTypeException, Unsupported grant type: password
- 1
这个错误提示是说不支持grant type为password的方式获取access_token。
这里grant_type=password表示使用用户名密码的方式获取access_token。
问题解决
要允许oauth2 server支持通过grant_type=password方式获取access_token。需要代码中做以下调整
1、在WebSecurityConfigurerAdapter的实现类中增加获取AuthenticationManager的方法并进行@Bean标注,如下:
package com.wongoing.oauth2.config; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; @Configuration @EnableWebSecurity public class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Bean public PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(); } @Override @Bean public AuthenticationManager authenticationManagerBean() throws Exception { return super.authenticationManagerBean(); } }
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
2、在AuthorizationServerConfigurerAdapter的实现类中使用AuthenticationManager,并在clients中指定授权类型authorizedGrantType(“password”),如下:
package com.wongoing.oauth2.config; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; import org.springframework.http.HttpMethod; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer; import org.springframework.security.oauth2.provider.token.TokenStore; import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore; @Configuration @EnableAuthorizationServer public class OAuth2ServerConfig extends AuthorizationServerConfigurerAdapter { private TokenStore tokenStore = new InMemoryTokenStore(); @Autowired private PasswordEncoder passwordEncoder; @Autowired private AuthenticationManager authenticationManager; @Override public void configure(ClientDetailsServiceConfigurer clients) throws Exception { clients.inMemory().withClient("client_1").secret(this.passwordEncoder.encode("123456")) .authorizedGrantTypes("password") //授权类型指定为password .scopes("all"); } @Override public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { endpoints.allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST); // 配置Token的存储方式 endpoints.tokenStore(tokenStore) // 注入WebSecurityConfig配置的bean .authenticationManager(authenticationManager); } @Override public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception { // 对获取Token的请求不再拦截 oauthServer .tokenKeyAccess("permitAll()") // 验证获取Token的验证信息 .checkTokenAccess("isAuthenticated()") //这个如果配置支持allowFormAuthenticationForClients的,且对/oauth/token请求的参数中有client_id和client-secret的会走ClientCredentialsTokenEndpointFilter来保护 //如果没有支持allowFormAuthenticationForClients或者有支持但对/oauth/token请求的参数中没有client_id和client_secret的,走basic认证保护 .allowFormAuthenticationForClients(); } }
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/知新_RL/article/detail/277258
推荐阅读
相关标签
