Spring boot 在spring boot中使用InMemoryUserDetails获取错误凭据
我使用的是spring boot oauth,在进行授权时,即使使用了inMemory,也无法验证我的凭据 我的授权服务器:Spring boot 在spring boot中使用InMemoryUserDetails获取错误凭据,spring-boot,oauth-2.0,microservices,jwt-auth,spring-security-rest,Spring Boot,Oauth 2.0,Microservices,Jwt Auth,Spring Security Rest,我使用的是spring boot oauth,在进行授权时,即使使用了inMemory,也无法验证我的凭据 我的授权服务器: @Configuration @EnableAuthorizationServer @Import(ServerWebSecurityConfig.class) public class OAuth2AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter { @Autowire
@Configuration
@EnableAuthorizationServer
@Import(ServerWebSecurityConfig.class)
public class OAuth2AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
@Autowired
private AuthenticationManager authenticationManager;
static final String CLIEN_ID = "ipro-client";
static final String CLIENT_SECRET = "ipro-secret";
static final String GRANT_TYPE = "password";
static final String AUTHORIZATION_CODE = "authorization_code";
static final String REFRESH_TOKEN = "refresh_token";
static final String IMPLICIT = "implicit";
static final String SCOPE_READ = "read";
static final String SCOPE_WRITE = "write";
static final String TRUST = "trust";
static final int ACCESS_TOKEN_VALIDITY_SECONDS = 1 * 60 * 60;
static final int FREFRESH_TOKEN_VALIDITY_SECONDS = 6 * 60 * 60;
static final String REDIRECT_URI = "http://localhost:8888/login";
/*@Autowired
@Qualifier("ibrdatasource")
private DataSource dataSource;*/
@Autowired
private UserDetailsService userDetailsService;
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.tokenStore(tokenStore()).accessTokenConverter(accessTokenConverter())
.authenticationManager(authenticationManager).userDetailsService(userDetailsService);
}
@Override
public void configure(AuthorizationServerSecurityConfigurer oauthServer) {
oauthServer.tokenKeyAccess("permitAll()").checkTokenAccess("permitAll()");
}
@Bean
public TokenStore tokenStore() {
return new JwtTokenStore(accessTokenConverter());
}
/*
* @Override public void configure(ClientDetailsServiceConfigurer clients)
* throws Exception { JdbcClientDetailsService jdbcClientDetailsService = new
* JdbcClientDetailsService(dataSource);
* clients.withClientDetails(jdbcClientDetailsService); }
*/
@Override
public void configure(ClientDetailsServiceConfigurer configurer) throws Exception {
configurer.inMemory().withClient(CLIEN_ID).secret(CLIENT_SECRET)
.authorizedGrantTypes(GRANT_TYPE, AUTHORIZATION_CODE, REFRESH_TOKEN, IMPLICIT)
.scopes(SCOPE_READ, SCOPE_WRITE, TRUST).redirectUris(REDIRECT_URI)
.accessTokenValiditySeconds(ACCESS_TOKEN_VALIDITY_SECONDS)
.refreshTokenValiditySeconds(FREFRESH_TOKEN_VALIDITY_SECONDS);
}
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
converter.setSigningKey("123");
return converter;
}
@Bean
@Primary
public DefaultTokenServices tokenServices() {
DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
defaultTokenServices.setTokenStore(tokenStore());
defaultTokenServices.setSupportRefreshToken(true);
return defaultTokenServices;
}
@Bean
public PasswordEncoder userPasswordEncoder() {
return new BCryptPasswordEncoder(4);
}
}
@Bean
public UserDetailsService userDetailsService() {
InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
manager.createUser(User.withUsername("user").password("user").roles("USER").build());
manager.createUser(User.withUsername("admin").password("password").roles("USER", "ADMIN").build());
return manager;
}
它显示了糟糕的凭证。请在这方面帮助我,任何帮助都会很好。这可能是因为您没有对密码进行编码 设置密码时使用
BCryptPasswordEncoderAuthenticationManagerBuilderwebsecurityConfigureAdapterBCryptPasswordEncoder@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
private BCryptPasswordEncoder passwordEncoder;
@Autowired
public void globalUserDetails(final AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("user").password(this.passwordEncoder.encode("user")).roles("USER").and()
.withUser("admin").password(this.passwordEncoder.encode("admin")).roles("USER", "ADMIN").and()
}
}
我使用了密码编码器,现在它工作正常,谢谢@Matheus cirillo。
@Bean
public PasswordEncoder userPasswordEncoder() {
return new BCryptPasswordEncoder(4);
}
@Autowired
PasswordEncoder passwordEncoder;
@Bean
public UserDetailsService userDetailsService() {
InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
manager.createUser(
User.withUsername("user").password(this.passwordEncoder.encode("user")).roles("USER").build());
manager.createUser(User.withUsername("admin").password(this.passwordEncoder.encode("password"))
.roles("USER", "ADMIN").build());
return manager;
}`enter code here`