OAuth2 Fiyakamla erişilemez

oy
0

Ben Fiyakamla gelen OAuth2 erişmeye çalıştığımda 401 alıyorum. Swagger aynı projede yapılandırılan ve aynı bağlantı noktasında çalışıyorsa eğer iyi çalışıyor. Ben daha sonra farklı bağlantı noktası ile başka projede havalı yapılandırırken Ama 401 verir.

OAuth2 erişilebilir ve Postman ile iyi çalışıyor olduğunu. Ben farklı bağlantı noktasından 401 veriyor neden bulmak mümkün değilim. Koşuyorum limanın gelen / giden kurallarını kontrol ettirin. Farklı sunucu veya limandan OAuth'u erişmek için gerekli diğer yapılandırma var mı?

OAuth2 projesi üzerinde yapılandırılmış olan http: // localhost: 8090 / SpringBoot projesi üzerinde yapılandırılmış olan http: // localhost: 8888 / OAuth2 401 veriyor yerden.

WebSecurityConfiguration

@Configuration
@EnableWebSecurity
public class CustomWebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Lazy
    @Autowired
    private UserDetailsService userDetailsService;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Autowired
    public void configureGlobal(final AuthenticationManagerBuilder auth) throws Exception {
        auth
                .userDetailsService(userDetailsService)
                .passwordEncoder(passwordEncoder);
    }

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                .antMatchers(HttpMethod.OPTIONS).permitAll()
                .antMatchers(/oauth/**).permitAll()
                .antMatchers(/login).permitAll()
                .anyRequest().authenticated()
                .and()
                .httpBasic()
                .and()
                .csrf().disable();
    }
    /*
     * https://github.com/spring-projects/spring-boot/issues/11136
     * Expose it manually (there is bug)
     *
     * */


    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }
}

AuthorizationServerConfig:

@Configuration
@EnableAuthorizationServer
public class CustomAuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    private static final String CLIENT_ID = client;
    private static final String CLIENT_SECRET = secret;
    private static final String GRANT_TYPE_PASSWORD = password;
    private static final String GRANT_TYPE_CLIENT_CREDENTIALS = client_credentials;
    private static final String GRANT_TYPE_REFRESH_TOKEN = refresh_token;
    private static final String GRANT_TYPE_AUTH_CODE = authorization_code;

    private static final String SCOPE_READ = read;
    private static final String SCOPE_WRITE = write;
    private static final String SCOPE_TRUST = trust;

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private CustomUserDetailService userDetailsService;
    @Autowired
    private PasswordEncoder passwordEncoder;

    @Value(${config.oauth2.tokenTimeout})
    private int ACCESS_TOKEN_VALIDITY_SECONDS;

    @Value(${config.oauth2.tokenTimeout})
    private int REFRESH_TOKEN_VALIDITY_SECONDS;

    @Value(${config.oauth2.privateKey})
    private String privateKey;

    @Value(${config.oauth2.publicKey})
    private String publicKey;

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients
                .inMemory()
                .withClient(CLIENT_ID)
                .authorizedGrantTypes(GRANT_TYPE_CLIENT_CREDENTIALS, GRANT_TYPE_PASSWORD, GRANT_TYPE_REFRESH_TOKEN, GRANT_TYPE_AUTH_CODE)
                .authorities(ROLE_CLIENT, ROLE_TRUSTED_CLIENT)
                .scopes(SCOPE_READ, SCOPE_WRITE, SCOPE_TRUST)
                .resourceIds(oauth2-resource)
                .accessTokenValiditySeconds(ACCESS_TOKEN_VALIDITY_SECONDS)
                .refreshTokenValiditySeconds(REFRESH_TOKEN_VALIDITY_SECONDS)
                .secret(passwordEncoder.encode(CLIENT_SECRET));
    }


    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints.authenticationManager(authenticationManager)
                .allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST)
                .tokenStore(tokenStore())
                .userDetailsService(userDetailsService)
                .tokenServices(tokenServices())
                .accessTokenConverter(accessTokenConverter());
    }

    @Bean
    public JwtAccessTokenConverter accessTokenConverter() {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        converter.setSigningKey(privateKey);

        return converter;
    }

    @Bean
    public JwtTokenStore tokenStore() {
        return new JwtTokenStore(accessTokenConverter());
    }

    @Bean
    @Primary
    public DefaultTokenServices tokenServices() {
        DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
        defaultTokenServices.setTokenStore(tokenStore());
        defaultTokenServices.setSupportRefreshToken(true);
        defaultTokenServices.setTokenEnhancer(accessTokenConverter());
        return defaultTokenServices;
    }

    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        security.checkTokenAccess(isAuthenticated())
                .tokenKeyAccess(permitAll());
    }
}

WebSecureConfigurerAdapter:

@Configuration
@EnableResourceServer
public class CustomResourceConfig extends ResourceServerConfigurerAdapter {    
    @Value(${config.oauth2.publicKey})
    private String publicKey;

    @Value(${config.oauth2.privateKey})
    private String privateKey;

    @Value(${config.oauth2.resource.id})
    private String resourceId;

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
                .csrf().disable()
                .authorizeRequests()
                .antMatchers(HttpMethod.OPTIONS).authenticated()
                .antMatchers(HttpMethod.OPTIONS).permitAll()
                .antMatchers(/, /home, /register, /login).permitAll()
                .antMatchers(/oauth/**).authenticated();

    }

    @Override
    public void configure(ResourceServerSecurityConfigurer resources) {
        resources
                .resourceId(resourceId)
                .tokenServices(tokenServices())
                .tokenStore(tokenStore());
    }

    @Bean
    @Primary
    public DefaultTokenServices tokenServices() {
        DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
        defaultTokenServices.setTokenStore(tokenStore());
        defaultTokenServices.setSupportRefreshToken(true);
        defaultTokenServices.setTokenEnhancer(accessTokenConverter());
        return defaultTokenServices;
    }


    @Bean
    public JwtAccessTokenConverter accessTokenConverter() {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        converter.setSigningKey(privateKey);
        return converter;
    }

    @Bean
    public JwtTokenStore tokenStore() {
        return new JwtTokenStore(accessTokenConverter());
    }
}
Oluştur 20/10/2018 saat 14:03
kaynak kullanıcı
Diğer dillerde...                            

Cookies help us deliver our services. By using our services, you agree to our use of cookies. Learn more