Spring boot org.springframework.security.access.AccessDeniedException:访问被拒绝
我正试图在我的 Spring Boot REST 服务器中实现 OAuth。
标签:spring-boot、spring-security-oauth2
configuration\AuthorizationServerConfig.java
包com.vcomm.server.configuration;
导入com.vcomm.server.service.util.CustomAuthenticationKeyGenerator;
导入org.springframework.beans.factory.annotation.Autowired;
导入org.springframework.context.annotation.Bean;
导入org.springframework.context.annotation.Configuration;
导入org.springframework.context.annotation.Primary;
导入org.springframework.context.event.EventListener;
导入org.springframework.security.authentication.AuthenticationManager;
导入org.springframework.security.authentication.event.AuthenticationSuccessEvent;
导入org.springframework.security.core.userdetails.userdetails服务;
导入org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
导入org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
导入org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
导入org.springframework.security.oauth2.config.annotation.web.configurers.authorizationServerEndpointsConfiger;
导入org.springframework.security.oauth2.config.annotation.web.configurers.authorizationServerSecurityConfiger;
导入org.springframework.security.oauth2.provider.token.DefaultTokenServices;
导入org.springframework.security.oauth2.provider.token.TokenStore;
导入org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
导入org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
导入javax.annotation.Resource;
导入javax.sql.DataSource;
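/**
 * OAuth2 authorization-server configuration (Spring Security OAuth2).
 *
 * <p>Client registrations and issued tokens are read from and written to the injected
 * {@link DataSource} over JDBC, and the framework's {@code /oauth/*} endpoints are re-mapped
 * under the {@code Constant.AUTH_V1} prefix.
 */
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    @Resource(name = "roomUserDetailsService")
    UserDetailsService userDetailsService;

    @Autowired
    private DataSource dataSource;

    @Autowired
    private AuthenticationManager authenticationManager;

    /**
     * Builds the JDBC-backed token store.
     *
     * @return a {@link JdbcTokenStore} on the injected data source, using the project's
     *     {@code CustomAuthenticationKeyGenerator}
     */
    @Bean
    public TokenStore tokenStore() {
        JdbcTokenStore tokenStore = new JdbcTokenStore(dataSource);
        tokenStore.setAuthenticationKeyGenerator(new CustomAuthenticationKeyGenerator());
        return tokenStore;
    }

    /**
     * Builds a JWT access-token converter with a fixed signing key.
     *
     * @return the configured converter
     */
    @Bean
    public JwtAccessTokenConverter accessTokenConverter() {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        // SECURITY: "123" is a hard-coded, trivially guessable symmetric signing key. Anyone who
        // knows or guesses it can mint tokens that verify. Outside of a throw-away demo the key
        // must be a long random secret (or an asymmetric key pair) supplied from external
        // configuration or a secret store, never committed to source.
        // NOTE(review): this converter is not passed to endpoints.accessTokenConverter(...) in the
        // configure(AuthorizationServerEndpointsConfigurer) method below, so it does not appear to
        // be applied to issued tokens — confirm whether it is needed at all.
        converter.setSigningKey("123");
        return converter;
    }

    /**
     * Builds the primary token services on top of {@link #tokenStore()}, with refresh tokens
     * enabled.
     *
     * @return the configured {@link DefaultTokenServices}
     */
    @Bean
    @Primary
    public DefaultTokenServices tokenServices() {
        DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
        defaultTokenServices.setTokenStore(tokenStore());
        defaultTokenServices.setSupportRefreshToken(true);
        defaultTokenServices.setAuthenticationManager(authenticationManager);
        return defaultTokenServices;
    }

    /**
     * Loads OAuth2 client registrations from the database.
     *
     * @param clients the client-details configurer supplied by the framework
     * @throws Exception if the JDBC client store cannot be configured
     */
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        // NOTE(review): no passwordEncoder(...) is set on this JDBC client store in the visible
        // code. Client secrets should be stored hashed (for example bcrypt) and checked through a
        // configured PasswordEncoder rather than kept as plain text — confirm how the
        // client_secret column is populated.
        clients.jdbc(dataSource);
    }

    /**
     * Re-maps the default OAuth2 endpoint paths under {@code Constant.AUTH_V1} and wires the
     * token store, user-details service and authentication manager into the endpoints.
     *
     * @param endpoints the endpoints configurer supplied by the framework
     */
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
        endpoints
            .pathMapping("/oauth/authorize", Constant.AUTH_V1 + "/oauth/authorize")
            .pathMapping("/oauth/check_token", Constant.AUTH_V1 + "/oauth/check_token")
            // NOTE(review): unlike the sibling mappings this target repeats an "/AUTH/V1"
            // segment after the prefix; it is reproduced as shown — confirm the intended path.
            .pathMapping("/oauth/confirm_access", Constant.AUTH_V1 + "/AUTH/V1/oauth/confirm_access")
            .pathMapping("/oauth/error", Constant.AUTH_V1 + "/oauth/error")
            .pathMapping("/oauth/token", Constant.AUTH_V1 + "/oauth/token")
            .pathMapping("/oauth/token_key", Constant.AUTH_V1 + "/oauth/token_key")
            .tokenStore(tokenStore())
            .userDetailsService(userDetailsService)
            .authenticationManager(authenticationManager);
    }

    /**
     * Prints a message for every successful authentication event.
     *
     * @param authorizedEvent the success event published by Spring Security
     */
    @EventListener
    public void authSuccessEventListener(AuthenticationSuccessEvent authorizedEvent) {
        // Write custom code here for login-success auditing.
        // NOTE(review): getSource() is the Authentication object, so its string form carries
        // principal and authority details. For a real audit trail, log only the fields that are
        // needed (e.g. the principal name) through the application's logger instead of stdout.
        System.out.println("用户Oauth2登录成功");
        System.out.println("这是成功事件:" + authorizedEvent.getSource());
    }

    /**
     * Sets the access rules for the token-key and check-token endpoints and enables form
     * authentication for clients.
     *
     * @param oauthServer the security configurer supplied by the framework
     * @throws Exception if the security configuration fails
     */
    @Override
    public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
        oauthServer
            // SECURITY: permitAll() makes the token-key endpoint reachable without
            // authentication. That is only appropriate when the key it serves is a public
            // verifier key; a symmetric signing key must stay confidential, so prefer
            // "isAuthenticated()" (or leave the endpoint denied) in that case.
            .tokenKeyAccess("permitAll()")
            .checkTokenAccess("isAuthenticated()");
        // Lets clients send client_id/client_secret as form parameters in addition to HTTP Basic;
        // make sure request bodies on the token endpoint are not written to access logs.
        oauthServer.allowFormAuthenticationForClients();
    }
}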
configuration\ResourceServerConfig.java
包com.vcomm.server.configuration;
导入org.springframework.beans.factory.annotation.Autowired;
导入org.springframework.context.annotation.Bean;
导入org.springframework.context.annotation.Configuration;
导入org.springframework.security.authentication.AuthenticationManager;
导入org.springframework.security.config.annotation.web.builders.HttpSecurity;
导入org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
导入org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
导入org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigure;
导入org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler;
导入org.springframework.security.oauth2.provider.token.DefaultTokenServices;
导入org.springframework.security.oauth2.provider.token.TokenStore;
@配置
@EnableResourceServer
公共类ResourceServerConfig扩展了ResourceServerConfigurerAdapter{
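/**
 * Requires authentication for every request under {@code /api/**} and answers access-denied
 * errors with the OAuth2 handler.
 *
 * @param http the HTTP security builder supplied by the framework
 * @throws Exception if the security chain cannot be built
 */
@Override
public void configure(HttpSecurity http) throws Exception {
    // This chain only matches /api/**. Requests to other paths (including the re-mapped
    // authorization-server endpoints) are decided by other filter chains not shown here.
    http
        .antMatcher("/api/**")
        .authorizeRequests()
        .anyRequest()
        .authenticated()
        .and()
        .exceptionHandling()
        .accessDeniedHandler(new OAuth2AccessDeniedHandler());
}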
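// Token store injected by Spring; it is not referenced by the methods visible in this listing.
@Autowired
TokenStore tokenStore;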
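/**
 * Points the resource server at the token services built by
 * {@code tokenServicesResourceServer()}.
 *
 * @param config the resource-server security configurer supplied by the framework
 */
@Override
public void configure(ResourceServerSecurityConfigurer config) {
    // tokenServicesResourceServer() is declared further down in this class; its body is cut off
    // in this listing, so which token store it validates against cannot be confirmed from here.
    config.tokenServices(tokenServicesResourceServer());
}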
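// Authentication manager injected by Spring; its use is not visible in the part of the class shown.
@Autowired
private AuthenticationManager authenticationManager;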
@豆子
public DefaultTokenServices tokenServicesResourceServer(){
诽谤
{
"timestamp": 1582545217836,
"status": 401,
"error": "Unauthorized",
"message": "Unauthorized",
"path": "/auth/v1/oauth/authorize"
}
+-----------+--------------+---------------+-------+-------------------------------------------+-------------------------+-------------+-----------------------+------------------------+
| client_id | resource_ids | client_secret | scope | authorized_grant_types | web_server_redirect_uri | authorities | access_token_validity | refresh_token_validity |
+-----------+--------------+---------------+-------+-------------------------------------------+-------------------------+-------------+-----------------------+------------------------+
| clientapp | NULL | secret | read | password,authorization_code,refresh_token | http://localhost:8081/ | room | 36000 | 36000 |
+-----------+--------------+---------------+-------+-------------------------------------------+-------------------------+-------------+-----------------------+------------------------+