spring oauth2，无法检索用户信息_Spring_Oauth 2.0_Spring Oauth2

spring oauth2，无法检索用户信息

spring oauth-2.0

spring oauth2，无法检索用户信息,spring,oauth-2.0,spring-oauth2,Spring,Oauth 2.0,Spring Oauth2,找不到说明如何使用access\u令牌获取用户信息的文档我怎样才能做出这样的结论当我访问/user端点时，我看到OAuth2AuthenticationProcessingFilter不包括在内。我想我把下面的东西搞砸了 @Configuration @EnableWebSecurity @Order(2) // after ResourceServerConfigurerAdapter public class SecurityConfig extends WebSecurityConf

找不到说明如何使用access\u令牌获取用户信息的文档

我怎样才能做出这样的结论

当我访问/user端点时，我看到OAuth2AuthenticationProcessingFilter不包括在内。我想我把下面的东西搞砸了

@Configuration
@EnableWebSecurity
@Order(2)
// after ResourceServerConfigurerAdapter
public class SecurityConfig extends WebSecurityConfigurerAdapter {

@Override
  protected void configure(HttpSecurity http) throws Exception {
    http
      // https://stackoverflow.com/questions/26387003/how-to-make-spring-boot-never-issue-session-cookie
      .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
      .authorizeRequests()
      .antMatchers("/", "index", "/login**", "/webjars/**")
      .permitAll()
      .and().exceptionHandling()
      .authenticationEntryPoint(authenticationEntryPoint)
      .accessDeniedHandler(oAuth2FailedHandler)
      .and().csrf().disable().authorizeRequests()                                                                                                                                       
      .and().addFilterBefore(new CORSFilter(), BasicAuthenticationFilter.class);                                                                                                    }
}
I also have..

@Order(3)
@Configuration
@EnableResourceServer
@Slf4j
public class OAuth2ResourceServerConfig extends ResourceServerConfigurerAdapter {

    @Override
    public void configure(final ResourceServerSecurityConfigurer config) {
        config.tokenServices(tokenServices());
    }

   @Override
    public void configure(HttpSecurity http) throws Exception {
     // super.configure(http);

     log.info("hello OAuth2ResourceServerConfig:configure");
     http
        .authorizeRequests().anyRequest().authenticated();

    }

     @Bean
     @Primary
     public DefaultTokenServices tokenServices() {
         final DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
         defaultTokenServices.setTokenStore(tokenStore());
         return defaultTokenServices;
     }

     // JDBC token store configuration

     @Bean
     public DataSource dataSource() {
         final DriverManagerDataSource dataSource = new DriverManagerDataSource();
         dataSource.setDriverClassName(env.getProperty("spring.datasource.driver-class-name"));
         dataSource.setUrl(env.getProperty("spring.datasource.url"));
         dataSource.setUsername(env.getProperty("spring.datasource.username"));
         dataSource.setPassword(env.getProperty("spring.datasource.password"));

         return dataSource;
     }

     @Bean
     public TokenStore tokenStore() {
         return new JdbcTokenStore(dataSource());
     }
}


@Configuration
 //@PropertySource({ "classpath:persistence.properties" })                                                                                                                         @EnableAuthorizationServer
 @Slf4j
 public class OAuth2AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
    // ....
 }

添加具有以下内容的REST控制器：

@RequestMapping("/user")
public @ResponseBody Principal  user(Principal user) {
    return user;
}

然后您可以使用授权标头中的访问令牌调用它。

我还有

AuthorizationServerConfigurerAdapter

。。我不知道这些都隐藏着另一个。我有

SecurityConfig

来设置

SessionCreationPolicy.STATELESS

并添加CORSFilter。如果这是您的问题，那么资源服务器和身份验证服务器是同一个服务器。