您的位置: 首页  >  技术问答  >  Oauth2和Spring-Security:使用Oauth2和spring-security进行身份验证失败

Oauth2和Spring-Security:使用Oauth2和spring-security进行身份验证失败

分类: 技术问答 2022-03-14 17:53:37

Oauth2和Spring-Security:使用Oauth2和spring-security进行身份验证失败

问题描述:

我想使用Oauth2和Spring-security与休息Web服务。我是新的,我正在尝试通过一些网站的帮助创建配置。不过,我显然不明白oauth如何以及为oauth进行身份认证的流程。我正在使用最新的依赖关系点击链接查看我的配置。我正在使用数据库来存储客户端信息和令牌。当我尝试访问该令牌时,使用以下请求和发布正文的URL:

I want to use Oauth2 and Spring-security with rest web service. I am new for this, i am trying to create configuration with the help of some websites. Still, i clearly not understand how and what is the flow for oauth authenticate for rest service. i am using latest dependencies Click on the link for see my configurations. I am using database for store clients information and tokens. when i trying to access the token, using follwoing url with post request and post body: 

http://localhost:8080/empirecl-api/oauth/token
grant_type=password&username=a@a.com&password=password&client_id=my-client-with-secret&client_secret=ak_secret

将显示基本身份验证弹出框。我正在使用chrome rest postman客户端。我在我的数据库中存储用户表,用户名和密码,当我输入用户名密码时,验证失败,如果我使用我的 client_id client_secret 作为用户名密码,认证失败。当我取消 json 之后的基本身份验证的弹出时,返回:

The basic authentication pop-up box will appear. I am using chrome rest postman client. I have user table in my database where i store, username and password, when i enter those username and password, the authentication fail, If i use i my client_id and client_secret as a username and password, the authentication is fail. When i cancel the pop of basic authentication following json is return: 

{
"error": "unauthorized",
"error_description": "No client with requested id: a@a.com"
}

我无法确定会发生什么。

I am unable to figure out what will happen.

当我尝试访问以下网址获得reqquest:

When i trying to access following url with get reqquest: 

http://localhost:8080/empirecl-api/oauth/authorize?grant_type=password&username=a@a.com&password=password

以下错误将返回:

{
"error": {
    "error": "invalid_client",
    "error_description": "Bad client credentials"
}
}

当我检查控制台中的错误时,eclipse显示以下错误:

When i check the error in console, of eclipse, the follwoing error is display: 

AuthorizationEndpoint:436 - Handling ClientRegistrationException error: No client with requested id: null

我如何解决这个问题,以及如何使用Oauth和我的休息api。我也想用Oauth来保护我的所有休息地址。

How i resolve this problem and how to use Oauth with my rest api. I also want to secure my all rest url with Oauth.

您需要将您的客户端用户名和密码作为Base64编码的授权头文件传递。

You need to pass your client username and password as a Base64 encoded Authorization header.

尝试使用卷曲。这是一个例子:

Try using curl. Here is an example:


curl -v -X POST \

-HContent-类型:application / json\

-H授权:基本MzUzYjMwMmM0NDU3NGY1NjUwNDU2ODdlNTM0ZTdkNmE6Mjg2OTI0Njk3ZTYxNWE2NzJhNjQ2YTQ5MzU0NTY0NmM =\

'http:// localhost:8080 / empirecl-api / oauth / token? grant_type = password& username=a@a.com& password = password'

我有一个描述的工作示例href =http://porterhead.blogspot.co.uk/2014/05/securing-rest-services-with-spring.html =nofollow> here

I have a working example described here

相关推荐