Java Spring Boot OAuth2 unable to refresh_token - UserDetailsService is required
I am using Spring Boot version 1.4.3.RELEASE and trying to set up my authorization server. When the access token is valid, I have no problem creating tokens or accessing resources, but when it expires and I try to refresh it, I get an error:
{
    "error": "server_error",
    "error_description": "UserDetailsService is required."
}
This is my request to refresh the access token:
http://localhost:11134/oauth/token?grant_type=refresh_token&refresh_token=0d17dfee-1185-480d-af30-ba0f1e47831c&scope=read
The refresh_token is correct.
This is my authorization server:
protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter implements EnvironmentAware {

    private static final String ENV_OAUTH = "security.oauth2.client.";
    private static final String PROP_CLIENTID = "client-id";
    private static final String PROP_SECRET = "client-secret";
    private static final String PROP_TOKEN_VALIDITY_SECONDS = "access-token-validity-seconds";
    private static final String PROP_REFRESH_TOKEN_VALIDITY_SECONDS = "refresh-token-validity-seconds";

    private RelaxedPropertyResolver propertyResolver;

    @Autowired
    private DataSource dataSource;

    @Bean
    public TokenStore tokenStore() {
        return new JdbcTokenStore(dataSource);
    }

    @Autowired
    private CustomUserDetailsService userDetailsService;

    @Autowired
    @Qualifier("authenticationManagerBean")
    private AuthenticationManager authenticationManager;

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints)
            throws Exception {
        endpoints
                .tokenStore(tokenStore())
                .authenticationManager(authenticationManager).userDetailsService(userDetailsService);
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients
                .inMemory()
                .withClient(propertyResolver.getProperty(PROP_CLIENTID))
                .scopes("read", "write", "trust")
                .authorities(Authorities.ROLE_ADMIN.name(), Authorities.ROLE_USER.name())
                .authorizedGrantTypes("password", "refresh_token")
                .secret(propertyResolver.getProperty(PROP_SECRET))
                .accessTokenValiditySeconds(propertyResolver.getProperty(PROP_TOKEN_VALIDITY_SECONDS, Integer.class))
                .refreshTokenValiditySeconds(propertyResolver.getProperty(PROP_REFRESH_TOKEN_VALIDITY_SECONDS, Integer.class));
    }

    public void setEnvironment(Environment environment) {
        this.propertyResolver = new RelaxedPropertyResolver(environment, ENV_OAUTH);
    }
}
This is the WebSecurity configuration:
@Configuration
@EnableWebSecurity
// @EnableGlobalMethodSecurity(prePostEnabled = true, jsr250Enabled = true)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserDetailsService userDetailsService;

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new StandardPasswordEncoder();
    }

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth
                .userDetailsService(userDetailsService)
                .passwordEncoder(passwordEncoder());
    }

    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }
}
In case it is of interest, this is the CustomUserDetailService:
@Component("userDetailsService")
public class CustomUserDetailsService implements org.springframework.security.core.userdetails.UserDetailsService {

    private final Logger log = LoggerFactory.getLogger(CustomUserDetailsService.class);

    @Autowired
    private UserRepository userRepository;

    @Override
    @Transactional
    public UserDetails loadUserByUsername(final String login) {
        log.debug("Authenticating {}", login);
        String lowercaseLogin = login.toLowerCase();
        User userFromDatabase;
        userFromDatabase = userRepository.findByUsernameCaseInsensitive(lowercaseLogin);
        if (userFromDatabase == null) {
            // The UserDetailsService contract requires this exception for an unknown user,
            // not a null return or a NullPointerException.
            throw new org.springframework.security.core.userdetails.UsernameNotFoundException(
                    "User " + lowercaseLogin + " was not found in the database");
        }
        // Map the application's Authority entities to Spring Security authorities.
        Collection<GrantedAuthority> grantedAuthorities = new ArrayList<>();
        for (Authority authority : userFromDatabase.getAuthorities()) {
            GrantedAuthority grantedAuthority = new SimpleGrantedAuthority(authority.getName());
            grantedAuthorities.add(grantedAuthority);
        }
        return new org.springframework.security.core.userdetails.User(userFromDatabase.getUsername(), userFromDatabase.getPassword(), grantedAuthorities);
    }
}
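Did you receive a refresh token with the access token?

Of course, I used it to refresh the access_token.

Please add the request (e.g. curl) that you post to refresh the access token.

Added, thanks. I make the request with Postman.

I think you have to send authorization to the server. You are accessing the authorization server without any authorization. Try something like: curl -v --data "grant_type=refresh_token&refresh_token=refresh_token" -H "Authorization: basic". If you have not converted the clientId and secret to base64, add this: curl -v --data "grant_type=refresh_token&client_id=yourclientid&client_secret=youclientsceret&refresh_token=refresh_token"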
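
The request the last comment describes, as an added example that is not part of the original thread: the client credentials go in an HTTP Basic header and the refresh token in the POST body, and both reach curl through a config read from stdin, so neither ends up in the URL, the server access log or the process argument list. `TOKEN_URL` is the endpoint from the question; the function names are hypothetical and the client id, secret and token are whatever the caller supplies.

```sh
#!/bin/sh
# Added example, not code from the thread. TOKEN_URL is the endpoint shown in
# the question; all function names here are hypothetical.
TOKEN_URL="http://localhost:11134/oauth/token"

# HTTP Basic credential: base64 of "client_id:client_secret" on a single line.
basic_credential() {
    printf '%s:%s' "$1" "$2" | base64 | tr -d '\n'
}

# Escape backslashes and double quotes for a double-quoted curl config value.
cfg_escape() {
    printf '%s' "$1" | sed 's/[\\"]/\\&/g'
}

# Print a curl config for the refresh request.
# $1 client id, $2 client secret, $3 refresh token, $4 scope
refresh_config() {
    printf 'url = "%s"\n' "$TOKEN_URL"
    printf 'header = "Authorization: Basic %s"\n' "$(basic_credential "$1" "$2")"
    # data-urlencode makes curl send a POST with a form-encoded body.
    printf 'data-urlencode = "grant_type=refresh_token"\n'
    printf 'data-urlencode = "refresh_token=%s"\n' "$(cfg_escape "$3")"
    printf 'data-urlencode = "scope=%s"\n' "$(cfg_escape "$4")"
}

# Send the request. curl reads the config from stdin ("--config -"), so the
# secret and the token are never passed as command-line arguments.
refresh_access_token() {
    refresh_config "$@" | curl --silent --show-error --config -
}
```

Call it as `refresh_access_token <client-id> <client-secret> <refresh-token> read`; running `refresh_config` with the same arguments shows exactly what would be sent.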