带有Grails3.0和SpringSecurity核心插件的SpringSecurityOAuth2_Grails_Spring Security Oauth2_Grails 3.0

带有Grails3.0和SpringSecurity核心插件的SpringSecurityOAuth2

grails

带有Grails3.0和SpringSecurity核心插件的SpringSecurityOAuth2,grails,spring-security-oauth2,grails-3.0,Grails,Spring Security Oauth2,Grails 3.0,我尝试在我的项目中使用SpringSecurityOAuth2 我的项目是一个带有SpringSecurity核心插件的Grails3.0.9应用程序我只想授权客户端（如手机）使用用户登录/密码进行连接对于OAuth2，这是我的配置 @配置公共类Oauth2Config{ @Configuration @EnableAuthorizationServer protected static class AuthorizationServer e

我尝试在我的项目中使用SpringSecurityOAuth2

我的项目是一个带有SpringSecurity核心插件的Grails3.0.9应用程序

我只想授权客户端（如手机）使用用户登录/密码进行连接

对于OAuth2，这是我的配置 @配置公共类Oauth2Config{

        @Configuration
        @EnableAuthorizationServer
        protected static class AuthorizationServer extends AuthorizationServerConfigurerAdapter {
            @Autowired
            private AuthenticationManager authenticationManager;
            @Override
            public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
                endpoints.authenticationManager(authenticationManager);
            }
            @Override
            public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
                // @formatter:off
                clients.inMemory()
                    .withClient("client-with-registered-redirect")
                        .authorizedGrantTypes("authorization_code")
                        .authorities("ROLE_CLIENT")
                        .scopes("read", "trust")
                        .redirectUris("http://localhost:8080")
                        .secret("secret")
                    .and()
                    .withClient("client-with-secret")
                        .authorizedGrantTypes("password", "authorization_code", "refresh_token", "implicit")
                        .authorities("ROLE_CLIENT")
                        .scopes("read", "write", "trust")
                        .secret("secret");
                // @formatter:on
            }
        }

        @Configuration
        @EnableResourceServer
        protected static class ResourceServer extends ResourceServerConfigurerAdapter {
            @Override
            public void configure(HttpSecurity http) throws Exception {
                // !! Not enter inside !!
                // @formatter:off
                http
                    .requestMatchers().antMatchers("/api").and()
                    .authorizeRequests()
                    .anyRequest().access("#oauth2.hasScope('read')");
                // @formatter:on
            }
            @Override
            public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
                resources.resourceId(RESOURCE_ID);
            }
        }

    }

当我调用此URL（POST）时

我有这样的回答

{
    error: "unauthorized"
    error_description: "There is no client authentication. Try adding an appropriate authentication filter."
}

我注意到：

@RequestMapping（value=“/oauth/token”，method=RequestMethod.POST）
公共响应postAccessToken（主体，@RequestParam
映射参数）抛出HttpRequestMethodNotSupportedException{
if（！（身份验证的主体实例））{
抛出新的InsufficientAuthenticationException(
“没有客户端身份验证。请尝试添加适当的身份验证筛选器。”）；
}
}

我需要在之前得到认证

我也注意到：调试程序未进入此方法的内部： public void configure（HttpSecurity http）引发异常

另外：OAuth2AuthenticationProcessingFilter从不调用

需要帮助吗谢谢

{
    error: "unauthorized"
    error_description: "There is no client authentication. Try adding an appropriate authentication filter."
}

@RequestMapping(value = "/oauth/token", method=RequestMethod.POST)
            public ResponseEntity<OAuth2AccessToken> postAccessToken(Principal principal, @RequestParam
            Map<String, String> parameters) throws HttpRequestMethodNotSupportedException {

                if (!(principal instanceof Authentication)) {
                    throw new InsufficientAuthenticationException(
                            "There is no client authentication. Try adding an appropriate authentication filter.");
                }
}