添加json方式请求获取token
OAuth2 通过 /oauth/token 接口请求获取 token。源码中该接口的参数默认用 @RequestParam 接收(即 x-www-form-urlencoded 表单参数),而第三方的请求是以 JSON 方式发送的,@RequestParam 接收不到这些参数,导致无法获取 token。
/**
 * Serves GET requests on {@code /oauth/token}.
 *
 * <p>GET is only honoured when it is listed in {@code allowedRequestMethods}; in that case the
 * call is forwarded unchanged to {@link #postAccessToken}. The request parameters are bound
 * with {@code @RequestParam}, i.e. from the query string or a form-encoded body, not from JSON.
 *
 * @param principal the principal attached to the request
 * @param parameters the request parameters collected into a map
 * @return whatever {@code postAccessToken} returns for the same arguments
 * @throws HttpRequestMethodNotSupportedException if GET is not an allowed request method
 */
@RequestMapping(value = "/oauth/token", method = RequestMethod.GET)
public ResponseEntity<OAuth2AccessToken> getAccessToken(
        Principal principal,
        @RequestParam Map<String, String> parameters) throws HttpRequestMethodNotSupportedException {
    final boolean getPermitted = allowedRequestMethods.contains(HttpMethod.GET);
    if (getPermitted) {
        // Same handling as POST once the method itself has been accepted.
        return postAccessToken(principal, parameters);
    }
    throw new HttpRequestMethodNotSupportedException("GET");
}
/**
 * Serves POST requests on {@code /oauth/token}.
 *
 * <p>The parameters are bound with {@code @RequestParam}, so they are read from the query string
 * or a form-encoded body; a JSON request body is not mapped into {@code parameters}.
 * The method body is omitted in this listing.
 *
 * @param principal the principal attached to the request
 * @param parameters the request parameters collected into a map
 * @throws HttpRequestMethodNotSupportedException declared by the signature; the throwing code is not shown
 */
@RequestMapping(value = "/oauth/token", method=RequestMethod.POST)
public ResponseEntity<OAuth2AccessToken> postAccessToken(Principal principal, @RequestParam
Map<String, String> parameters) throws HttpRequestMethodNotSupportedException {
// (body omitted)
}
解决: 下面是一种简单粗暴的做法,不是最优方案,只是提供思路
添加实体类
import lombok.Data;
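/**
 * JSON request body for the custom token endpoint.
 *
 * <p>Holds the four values that the endpoint copies into the token request parameters:
 * {@code username}, {@code password}, {@code scope} and {@code grant_type}.
 * Lombok's {@code @Data} generates the accessors, {@code equals} and {@code hashCode};
 * {@code toString} is written by hand so that the password is never part of the output
 * (Lombok does not generate a method that is already declared).
 *
 * @author Lucky
 * @date 2019/03/27
 */
@Data
public class OauthTokenRequestBody {
    private String username;
    // Resource-owner credential: keep it out of logs, exception messages and toString().
    private String password;
    private String scope;
    // Snake case matches the "grant_type" parameter key; presumably also the JSON property name.
    private String grant_type;

    /**
     * Returns a description of this request with the password value redacted, so that logging
     * the object does not write the credential to the log.
     *
     * @return the field values in Lombok's {@code Type(field=value, ...)} layout, password masked
     */
    @Override
    public String toString() {
        return "OauthTokenRequestBody(username=" + username
                + ", password=<redacted>"
                + ", scope=" + scope
                + ", grant_type=" + grant_type + ")";
    }
}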
然后复制一份 TokenEndpoint,修改如下。注意:示例中注释掉了客户端认证检查,并把 clientId 写死为 "test",仅用于演示思路,不适合直接用于生产环境:
//@FrameworkEndpoint 级别注释
@RestController //修成
@Slf4j
public class TokenEndpoint extends AbstractEndpoint {
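/**
 * Serves GET requests on {@code /oauth/mytoken}, the JSON variant of the token endpoint.
 *
 * <p>The request body is bound with {@code @RequestBody} to an {@link OauthTokenRequestBody},
 * which carries the username and password. When GET is listed in {@code allowedRequestMethods}
 * the call is forwarded unchanged to {@link #postAccessTokenGz}, so both methods share one
 * credential-handling path.
 *
 * @param principal the principal attached to the request
 * @param parameters the JSON request body
 * @return whatever {@code postAccessTokenGz} returns for the same arguments
 * @throws HttpRequestMethodNotSupportedException if GET is not an allowed request method
 */
@RequestMapping(value = "/oauth/mytoken", method = RequestMethod.GET)
public ResponseEntity<OAuth2AccessToken> getAccessTokenGz(Principal principal,
        @RequestBody OauthTokenRequestBody parameters) throws HttpRequestMethodNotSupportedException {
    // Trace message only; the original carried a "{}" placeholder with no argument to fill it.
    // The request body is deliberately not logged: it contains the password.
    log.info("GET重写一个是否调用");
    if (!allowedRequestMethods.contains(HttpMethod.GET)) {
        throw new HttpRequestMethodNotSupportedException("GET");
    }
    return postAccessTokenGz(principal, parameters);
}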
/**
 * Serves POST requests on {@code /oauth/mytoken}, the JSON variant of the token endpoint.
 *
 * <p>The JSON body is bound to an {@link OauthTokenRequestBody} and its four fields are copied
 * into a string map under the keys {@code username}, {@code password}, {@code scope} and
 * {@code grant_type}. The client is then looked up by a fixed client id. The rest of the
 * method is omitted in this listing.
 *
 * <p>NOTE(review): the client-authentication check is commented out and the client id is the
 * literal {@code "test"}, so in the visible code {@code principal} plays no part in choosing
 * the client: every caller of this endpoint is handled as client {@code "test"} without
 * presenting client credentials. Restore the check and {@code getClientId(principal)} before
 * using this outside a demo.
 *
 * @param principal the principal attached to the request; unused in the visible part
 * @param oauthTokenRequestBody the JSON request body
 * @throws HttpRequestMethodNotSupportedException declared by the signature; the throwing code is not shown
 */
@RequestMapping(value = "/oauth/mytoken", method=RequestMethod.POST)
public ResponseEntity<OAuth2AccessToken> postAccessTokenGz(Principal principal, @RequestBody
OauthTokenRequestBody oauthTokenRequestBody) throws HttpRequestMethodNotSupportedException {
// NOTE(review): the "{}" placeholder has no argument, so it is printed literally.
// Do not fill it with the request body or the parameter map: both hold the password.
log.info("POST重写一个是否调用 {}");
// Rebuild the string parameter map that the form-based endpoint receives via @RequestParam.
Map<String, String> parameters = new HashMap<>();
String username = oauthTokenRequestBody.getUsername();
String password = oauthTokenRequestBody.getPassword();
String scope = oauthTokenRequestBody.getScope();
String grant_type = oauthTokenRequestBody.getGrant_type();
// A field missing from the JSON is stored as a null value under its key.
parameters.put("username",username);
parameters.put("password",password);
parameters.put("scope",scope);
parameters.put("grant_type",grant_type);
// NOTE(review): client-authentication check disabled by the author; with it commented out
// nothing in the visible code rejects a request that carries no client authentication.
// if (!(principal instanceof Authentication)) {
// throw new InsufficientAuthenticationException(
// "There is no client authentication. Try adding an appropriate authentication filter.");
// }
// TODO lucky: adjust clientId
//String clientId2 = getClientId(principal);
// NOTE(review): hard-coded client id replaces the id derived from the authenticated principal.
String clientId = "test";//getClientId(principal);
ClientDetails authenticatedClient = getClientDetailsService().loadClientByClientId(clientId);
// (rest of the method omitted)
}