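I created an application using Spring's integrated OAuth2. I have my own custom login and authorization templates. After successful authentication, it redirects to authorize.html, asking the user for approval. The problem is that whether I click the Approve or the Deny button, the action is always deny, as shown below.
Also, how can we enable REST-based authentication and authorization with OAuth2? I tried disabling CSRF so that users can authenticate and authorize, but it still does not work.
Can anyone help me with this?
You can download and view the complete application from here (updated on 19/11/2017 as per the last suggestion).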
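Update 1
As suggested by @fateddy, I went with option 3, using ApprovalStoreUserApprovalHandler. I used the exact authorize.html.
Suppose I have two clients in my database (client123 and client789).
Client client123 does not have auto-approve enabled, and client client789 has the auto-approve option enabled for the openid scope.
The problem now is that when I click the Approve button, I get the following exception for client123.
error="invalid_client", error_description="Bad client credentials"
OAuth2Config.java is shown below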
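import javax.sql.DataSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.approval.ApprovalStore;
import org.springframework.security.oauth2.provider.approval.ApprovalStoreUserApprovalHandler;
import org.springframework.security.oauth2.provider.approval.JdbcApprovalStore;
import org.springframework.security.oauth2.provider.approval.UserApprovalHandler;
import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
import org.springframework.security.oauth2.provider.code.JdbcAuthorizationCodeServices;
import org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;

@Configuration
@EnableAuthorizationServer
public class OAuth2Config extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private DataSource dataSource;

    // Approval handler that records each per-scope decision in the ApprovalStore.
    @Bean
    public UserApprovalHandler userApprovalHandler() {
        ApprovalStoreUserApprovalHandler userApprovalHandler = new ApprovalStoreUserApprovalHandler();
        userApprovalHandler.setApprovalStore(approvalStore());
        userApprovalHandler.setClientDetailsService(clientDetailsService());
        userApprovalHandler.setRequestFactory(requestFactory());
        return userApprovalHandler;
    }

    @Autowired
    @Qualifier("authenticationManagerBean")
    private AuthenticationManager authenticationManager;

    @Bean
    public DefaultOAuth2RequestFactory requestFactory() {
        return new DefaultOAuth2RequestFactory(clientDetailsService());
    }

    // Client registrations are read from the database.
    @Bean
    public ClientDetailsService clientDetailsService() {
        return new JdbcClientDetailsService(dataSource);
    }

    @Bean
    public ApprovalStore approvalStore() {
        return new JdbcApprovalStore(dataSource);
    }

    @Bean
    public TokenStore tokenStore() {
        return new JdbcTokenStore(dataSource);
    }

    @Bean
    public AuthorizationCodeServices authorizationCodeServices() {
        return new JdbcAuthorizationCodeServices(dataSource);
    }

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        //endpoints.tokenStore(tokenStore());
        // endpoints.approvalStore(approvalStore());
        endpoints.userApprovalHandler(userApprovalHandler());
        endpoints.authorizationCodeServices(authorizationCodeServices());
        endpoints.authenticationManager(authenticationManager);
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.jdbc(dataSource);
    }

    // The token key endpoint is open to everyone; the check-token endpoint requires an authenticated caller.
    @Override
    public void configure(AuthorizationServerSecurityConfigurer authorizationServerSecurityConfigurer) throws Exception {
        authorizationServerSecurityConfigurer.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
    }
}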
authorize.html
Please Confirm
Do you authorize "${authorizationRequest.clientId}" at "${authorizationRequest.redirectUri}" to access your protected resources
with scope ${authorizationRequest.scope?join(", ")}.
Read
Approve
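
An added illustration, not part of the original post and not Spring's own code: a stand-alone Java model of how a per-scope approval handler, such as the ApprovalStoreUserApprovalHandler configured above, decides an authorization request for the two clients described in Update 1. The class and method names are hypothetical, and the `scope.` field prefix, the `user_oauth_approval` field name and the exact-match auto-approve check are assumptions of this model.

```java
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.LinkedHashSet;
import java.util.Locale;
import java.util.Map;
import java.util.Set;

// Hypothetical stand-alone model; not Spring Security OAuth code.
public class ApprovalDecisionModel {

    // Assumed prefix of the per-scope form fields, e.g. "scope.openid".
    static final String SCOPE_PREFIX = "scope.";

    // True when every requested scope is auto-approved for the client,
    // in which case the consent page is skipped (simplified exact match).
    static boolean preApproved(Set<String> requested, Set<String> autoApprove) {
        return !requested.isEmpty() && autoApprove.containsAll(requested);
    }

    // Scopes the submitted consent form grants; an empty result is a denial.
    static Set<String> approvedScopes(Set<String> requested, Map<String, String> form) {
        Set<String> approved = new LinkedHashSet<>();
        for (String scope : requested) {
            String value = form.getOrDefault(SCOPE_PREFIX + scope, "").toLowerCase(Locale.ROOT);
            if (value.equals("true") || value.startsWith("approve")) {
                approved.add(scope);
            }
        }
        return approved;
    }

    public static void main(String[] args) {
        Set<String> requested = new LinkedHashSet<>(Arrays.asList("openid"));
        Set<String> none = Collections.emptySet();

        // Constructed sample form posts for the consent page.
        Map<String, String> perScope = new HashMap<>();
        perScope.put("scope.openid", "true");
        Map<String, String> singleFlag = new HashMap<>();
        singleFlag.put("user_oauth_approval", "true");

        System.out.println("client789 pre-approved: " + preApproved(requested, Collections.singleton("openid")));
        System.out.println("client123 pre-approved: " + preApproved(requested, none));
        System.out.println("per-scope form grants:   " + approvedScopes(requested, perScope));
        System.out.println("single-flag form grants: " + approvedScopes(requested, singleFlag));
    }
}
```

In this model a consent form that posts only the single approval flag grants no scope, so the request counts as denied whichever button was pressed.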