OAuth2 ist von Swagger aus nicht erreichbar


Ich erhalte 401, wenn ich versuche, von Swagger aus auf OAuth2 zuzugreifen. Es funktioniert gut, wenn Swagger im selben Projekt konfiguriert ist und auf demselben Port läuft. Wenn ich Swagger aber in einem anderen Projekt mit einem anderen Port konfiguriere, kommt 401 zurück.

OAuth2 ist erreichbar und funktioniert mit Postman einwandfrei. Ich kann nicht herausfinden, warum von einem anderen Port aus 401 zurückkommt. Ich habe die Inbound-/Outbound-Regeln des verwendeten Ports geprüft. Ist eine weitere Konfiguration erforderlich, um von einem anderen Server oder Port aus auf OAuth zuzugreifen?

Das OAuth2-Projekt ist auf http://localhost:8090/ konfiguriert; das Spring-Boot-Projekt, von dem aus OAuth2 401 liefert, ist auf http://localhost:8888/ konfiguriert.

WebSecurityConfiguration

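/**
 * Spring Security configuration for the web layer: registers the user store and password
 * encoder, defines the URL authorization rules of this filter chain, and exposes the
 * {@link AuthenticationManager} as a bean.
 */
@Configuration
@EnableWebSecurity
public class CustomWebSecurityConfig extends WebSecurityConfigurerAdapter {
    // Resolved lazily (@Lazy) when first used.
    @Lazy
    @Autowired
    private UserDetailsService userDetailsService;

    @Autowired
    private PasswordEncoder passwordEncoder;

    /**
     * Registers the injected user store and password encoder with the global
     * authentication manager builder.
     *
     * @param auth builder supplied by Spring
     * @throws Exception if the builder rejects the configuration
     */
    @Autowired
    public void configureGlobal(final AuthenticationManagerBuilder auth) throws Exception {
        auth
                .userDetailsService(userDetailsService)
                .passwordEncoder(passwordEncoder);
    }

    /**
     * Defines the URL rules for this filter chain. Rules are evaluated in declaration
     * order and the first matching rule decides.
     *
     * @param http the security builder for this chain
     * @throws Exception if the configuration cannot be applied
     */
    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                // OPTIONS is open so that browser CORS preflights, which carry no
                // credentials, are not rejected by this chain.
                .antMatchers(HttpMethod.OPTIONS).permitAll()
                // NOTE(review): this opens every path under /oauth/ in this chain, not only
                // the token endpoint. Which chain actually serves /oauth/** depends on the
                // filter-chain order relative to the other security configurations -- confirm.
                .antMatchers("/oauth/**").permitAll()
                .antMatchers("/login").permitAll()
                .anyRequest().authenticated()
                .and()
                // Basic credentials are only base64-encoded, so this needs TLS outside
                // local development.
                .httpBasic()
                .and()
                // NOTE(review): CSRF protection is disabled for the whole chain. That is
                // reasonable for token-only clients; if browsers also authenticate here
                // with a session cookie, state-changing requests are left unprotected.
                .csrf().disable();
    }

    /**
     * Exposes the {@link AuthenticationManager} built by this adapter as a bean so that
     * other configurations can inject it. It is not published automatically; see
     * https://github.com/spring-projects/spring-boot/issues/11136
     *
     * @return the authentication manager of this configuration
     * @throws Exception if the manager cannot be created
     */
    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }
}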

AuthorizationServerConfig:

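/**
 * OAuth2 authorization server configuration: one in-memory client, JWT access tokens
 * signed with the configured key, and the access rules for the token-key and
 * check-token endpoints.
 */
@Configuration
@EnableAuthorizationServer
public class CustomAuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    // NOTE(review): client id and secret are compiled into the class and are trivially
    // guessable values. Read them from external configuration, as the keys below are.
    private static final String CLIENT_ID = "client";
    private static final String CLIENT_SECRET = "secret";
    private static final String GRANT_TYPE_PASSWORD = "password";
    private static final String GRANT_TYPE_CLIENT_CREDENTIALS = "client_credentials";
    private static final String GRANT_TYPE_REFRESH_TOKEN = "refresh_token";
    private static final String GRANT_TYPE_AUTH_CODE = "authorization_code";

    private static final String SCOPE_READ = "read";
    private static final String SCOPE_WRITE = "write";
    private static final String SCOPE_TRUST = "trust";

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private CustomUserDetailService userDetailsService;
    @Autowired
    private PasswordEncoder passwordEncoder;

    @Value("${config.oauth2.tokenTimeout}")
    private int accessTokenValiditySeconds;

    // NOTE(review): reads the same property as the access-token lifetime, so a refresh
    // token expires together with the access token it is meant to renew -- confirm intended.
    @Value("${config.oauth2.tokenTimeout}")
    private int refreshTokenValiditySeconds;

    @Value("${config.oauth2.privateKey}")
    private String privateKey;

    // Injected but not used anywhere in this class.
    @Value("${config.oauth2.publicKey}")
    private String publicKey;

    /**
     * Registers the single in-memory client with its grant types, authorities, scopes,
     * resource id, token lifetimes and encoded secret.
     *
     * @param clients the client registry builder
     * @throws Exception if the client cannot be registered
     */
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients
                .inMemory()
                .withClient(CLIENT_ID)
                // NOTE(review): one client is allowed all four grant types. Granting only
                // the flows a client really uses limits what a leaked secret can do. No
                // redirect URI is registered for the authorization_code grant.
                .authorizedGrantTypes(GRANT_TYPE_CLIENT_CREDENTIALS, GRANT_TYPE_PASSWORD, GRANT_TYPE_REFRESH_TOKEN, GRANT_TYPE_AUTH_CODE)
                .authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT")
                .scopes(SCOPE_READ, SCOPE_WRITE, SCOPE_TRUST)
                .resourceIds("oauth2-resource")
                .accessTokenValiditySeconds(accessTokenValiditySeconds)
                .refreshTokenValiditySeconds(refreshTokenValiditySeconds)
                // The secret is stored encoded, so the configured PasswordEncoder is the
                // one that verifies it when the client authenticates.
                .secret(passwordEncoder.encode(CLIENT_SECRET));
    }

    /**
     * Wires the authentication manager, user details service, token store, token
     * services and JWT converter into the authorization server endpoints.
     *
     * @param endpoints the endpoint configurer
     * @throws Exception if the endpoints cannot be configured
     */
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints.authenticationManager(authenticationManager)
                // NOTE(review): allowing GET on the token endpoint puts credentials into
                // the query string, where access logs, proxies and browser history record
                // them. Restrict to POST unless a client truly depends on GET.
                .allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST)
                .tokenStore(tokenStore())
                .userDetailsService(userDetailsService)
                .tokenServices(tokenServices())
                .accessTokenConverter(accessTokenConverter());
    }

    /**
     * Creates the JWT converter that signs issued tokens with the configured key.
     *
     * @return the converter, with only its signing key set
     */
    @Bean
    public JwtAccessTokenConverter accessTokenConverter() {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        // NOTE(review): only the signing key is set; publicKey is never passed to
        // setVerifierKey(...). If the key pair is RSA, confirm the converter can still
        // verify the tokens it issues (e.g. on refresh).
        converter.setSigningKey(privateKey);

        return converter;
    }

    /**
     * @return a token store that reads token data from the JWT itself
     */
    @Bean
    public JwtTokenStore tokenStore() {
        return new JwtTokenStore(accessTokenConverter());
    }

    /**
     * Builds the token services used by the endpoints: JWT-backed store, refresh tokens
     * enabled, and the JWT converter as token enhancer.
     *
     * @return the primary token services bean
     */
    @Bean
    @Primary
    public DefaultTokenServices tokenServices() {
        DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
        defaultTokenServices.setTokenStore(tokenStore());
        defaultTokenServices.setSupportRefreshToken(true);
        defaultTokenServices.setTokenEnhancer(accessTokenConverter());
        // NOTE(review): no ClientDetailsService is set on these token services, so the
        // per-client lifetimes configured above may not be applied and the
        // DefaultTokenServices defaults used instead -- check the exp claim of an issued token.
        return defaultTokenServices;
    }

    /**
     * Sets the access rules for the check-token and token-key endpoints.
     *
     * @param security the endpoint security configurer
     * @throws Exception if the rules cannot be applied
     */
    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        // check_token requires an authenticated caller; token_key is open to everyone.
        security.checkTokenAccess("isAuthenticated()")
                .tokenKeyAccess("permitAll()");
    }
}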

WebSecureConfigurerAdapter:

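/**
 * OAuth2 resource server configuration: URL rules for the resource-server filter chain
 * and the JWT token store and services used to read incoming access tokens.
 */
@Configuration
@EnableResourceServer
public class CustomResourceConfig extends ResourceServerConfigurerAdapter {
    // Injected but not used anywhere in this class.
    @Value("${config.oauth2.publicKey}")
    private String publicKey;

    // NOTE(review): a resource server only needs to verify tokens. Holding the signing
    // key here means that a compromise of this service allows minting valid tokens.
    @Value("${config.oauth2.privateKey}")
    private String privateKey;

    @Value("${config.oauth2.resource.id}")
    private String resourceId;

    /**
     * Defines the URL rules of the resource-server chain. Rules are evaluated in
     * declaration order and the first matching rule decides.
     *
     * @param http the security builder for this chain
     * @throws Exception if the configuration cannot be applied
     */
    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
                .csrf().disable()
                .authorizeRequests()
                // A single OPTIONS rule. An earlier OPTIONS -> authenticated() rule ahead
                // of this one always won, so the permitAll() was never consulted and
                // browser CORS preflights (which carry no credentials) would be answered
                // with 401 when the caller runs on another origin or port.
                .antMatchers(HttpMethod.OPTIONS).permitAll()
                .antMatchers("/", "/home", "/register", "/login").permitAll()
                .antMatchers("/oauth/**").authenticated();
        // NOTE(review): there is no catch-all rule. Requests matching none of the patterns
        // above are not restricted by this chain; add .anyRequest().authenticated() if
        // every other endpoint is meant to require a token.
    }

    /**
     * Sets the resource id expected in incoming tokens and the services used to load them.
     *
     * @param resources the resource server configurer
     */
    @Override
    public void configure(ResourceServerSecurityConfigurer resources) {
        resources
                .resourceId(resourceId)
                .tokenServices(tokenServices())
                .tokenStore(tokenStore());
    }

    /**
     * Builds the token services for this resource server: JWT-backed store, refresh
     * tokens enabled, and the JWT converter as token enhancer.
     *
     * @return the primary token services bean
     */
    @Bean
    @Primary
    public DefaultTokenServices tokenServices() {
        DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
        defaultTokenServices.setTokenStore(tokenStore());
        defaultTokenServices.setSupportRefreshToken(true);
        defaultTokenServices.setTokenEnhancer(accessTokenConverter());
        return defaultTokenServices;
    }


    /**
     * Creates the JWT converter used to decode incoming tokens.
     *
     * @return the converter, configured with the signing key
     */
    @Bean
    public JwtAccessTokenConverter accessTokenConverter() {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        // NOTE(review): if the key pair is asymmetric, setVerifierKey(publicKey) is what
        // verification needs and the private key can stay on the authorization server
        // only -- confirm the key type before changing.
        converter.setSigningKey(privateKey);
        return converter;
    }

    /**
     * @return a token store that reads token data from the JWT itself
     */
    @Bean
    public JwtTokenStore tokenStore() {
        return new JwtTokenStore(accessTokenConverter());
    }
}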
Veröffentlicht am 20/10/2018 um 14:03


1 antworten


In der Swagger-Konfiguration sollte das OAuth-Sicherheitsschema beim Erstellen der Docket-Instanz korrekt initialisiert werden. Die Access-Token-URI lautet hier etwa: http://localhost:8080/api/oauth/token

// Token endpoint URL handed to the Swagger password-grant definition below; read from
// the config.oauth2.accessTokenUri property.
@Value("${config.oauth2.accessTokenUri}")
private String accessTokenUri;


/**
 * Builds the Swagger 2 {@link Docket}: selects the handlers under the
 * {@code com.authentication} package and attaches the OAuth security context and
 * security scheme plus the API info.
 *
 * @return the configured docket bean
 */
@Bean
public Docket productApi() {
    // First stage: choose which handlers and paths are documented.
    Docket selectedApis = new Docket(DocumentationType.SWAGGER_2)
            .select()
            .apis(RequestHandlerSelectors.basePackage("com.authentication"))
            .paths(regex("/.*"))
            .paths(PathSelectors.any())
            .build();

    // Second stage: attach the security wiring and the descriptive metadata.
    return selectedApis
            .securityContexts(Collections.singletonList(securityContext()))
            .securitySchemes(Arrays.asList(securitySchema()))
            .apiInfo(apiInfo());
}
/**
 * Describes the "oauth2" security scheme offered in Swagger UI: scopes {@code read} and
 * {@code write}, obtained through the resource owner password credentials grant against
 * {@code accessTokenUri}.
 *
 * @return the OAuth security scheme
 */
private OAuth securitySchema() {
    List<AuthorizationScope> scopes = newArrayList();
    scopes.add(new AuthorizationScope("read", "read all"));
    scopes.add(new AuthorizationScope("write", "access all"));

    // NOTE(review): with the password grant the UI itself collects the user's credentials
    // and sends them to accessTokenUri. Current OAuth security guidance discourages this
    // grant; keep it to trusted first-party tooling.
    List<GrantType> grants = newArrayList();
    grants.add(new ResourceOwnerPasswordCredentialsGrant(accessTokenUri));

    return new OAuth("oauth2", scopes, grants);
}

/**
 * Builds the security context that applies the references from {@code defaultAuth()}.
 * No path selector is set here.
 *
 * @return the security context used by the docket
 */
private SecurityContext securityContext() {
    return SecurityContext.builder()
            .securityReferences(defaultAuth())
            .build();
}
Beantwortet am 01/10/2019 um 11:56
