Consume an OAuth-secured REST webservice using Spring oauth2

Updated: 2024-10-25 08:24:33

I want to consume a REST webservice from a server which protects its resources using oauth2.

I use Spring boot (JHipster).

To do this, I have this in the SecurityConfiguration class:

    @Value("${oauth.resource:http://sercverUsingOAuth2}")
    private String baseUrl;

    @Value("${oauth.authorize:http://sercverUsingOAuth2/rest/oauth/token}")
    private String authorizeUrl;

    @Value("${oauth.token:http://sercverUsingOAuth2/rest/oauth/token}")
    private String tokenUrl;

    @Bean
    public OAuth2RestOperations oauth2RestTemplate() {
        AccessTokenRequest atr = new DefaultAccessTokenRequest();
        return new OAuth2RestTemplate(resource(), new DefaultOAuth2ClientContext(atr));
    }

    @Bean
    protected OAuth2ProtectedResourceDetails resource() {
        AuthorizationCodeResourceDetails resource = new AuthorizationCodeResourceDetails();
        resource.setAccessTokenUri(tokenUrl);
        resource.setUserAuthorizationUri(authorizeUrl);
        resource.setClientId("client_id");
        resource.setClientSecret("client_secret");
        resource.setGrantType("grant_type");
        return resource;
    }

This class (SecurityConfiguration) is annotated using:

    @Configuration
    @EnableWebSecurity
    @EnableOAuth2Client

And this is my controller (Spring MVC):

    @RestController
    @RequestMapping("/consume")
    public class MyContrtoller {

        @Inject
        private OAuth2RestOperations oauth2RestTemplate;

        @RequestMapping(value = "/oauth2", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
        public List<DataModel> getProducts() {
            ResponseEntity<MyModel> forEntity = oauth2RestTemplate
                    .getForEntity("http://sercverUsingOAuth2/rest/resourceToConsume", MyModel.class);
            return forEntity.getBody().getData();
        }
    }

However, when I want to consume my webservice (http://myHost/consume/oauth2) I get this exception:

org.springframework.security.oauth2.client.resource.OAuth2AccessDeniedException: Unable to obtain a new access token for resource 'null'. The provider manager is not configured to support it.

I have googled and I found this:

github stackoverflow

But it doesn't help me.

Thanks.

Best answer

You are using the same URL for the authorization url and the token url. That was my first clue, then I saw your comments.

Even though you are changing the grant type, you are still using "AuthorizationCodeResourceDetails" when you should be using "ClientCredentialsResourceDetails" instead. This type of ResourceDetails is meant to be used for the case you are explaining.

    ClientCredentialsResourceDetails resource = new ClientCredentialsResourceDetails();
    resource.setAccessTokenUri(TOKEN_URL);
    resource.setClientId(CLIENT_ID);
    resource.setClientSecret(CLIENT_SECRET);
    resource.setClientAuthenticationScheme(AuthenticationScheme.form); // This line isn't always needed
    return resource;

Published: 2023-07-24 00:28:00
Article link: https://www.elefans.com/category/jswz/34/1239299.html