carnellj
commented
7 years ago Hi Kyle did you remember to set application key and password in the basic auth headers.
Sent from my iPhone
On Apr 5, 2017, at 8:24 PM, Kyel John M. David notifications@github.com wrote:
I'm trying out spring securty oauth2 with in memory users, and running it through postman.
I've only set 3 classes namely,
Application.java
@SpringBootApplication @RestController @EnableResourceServer @EnableAuthorizationServer public class Application {
@RequestMapping(value = { "/user" }, produces = "application/json") public Map<String, Object> user(OAuth2Authentication user) { Map<String, Object> userInfo = new HashMap<>(); userInfo.put("user", user.getUserAuthentication().getPrincipal()); userInfo.put("authorities", AuthorityUtils.authorityListToSet(user.getUserAuthentication().getAuthorities())); return userInfo; } public static void main(String[] args) { SpringApplication.run(Application.class, args); }} WebSecurityConfigure.java
@Configuration public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter { @Override @Bean public AuthenticationManager authenticationManagerBean() throws Exception { return super.authenticationManagerBean(); } @Override protected void configure(HttpSecurity http) throws Exception { http.csrf().disable().authorizeRequests() .anyRequest().authenticated() .antMatchers("/oauth/token/").permitAll().and().formLogin().and().httpBasic(); }
@Override @Bean public UserDetailsService userDetailsServiceBean() throws Exception { return super.userDetailsServiceBean(); } @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth .inMemoryAuthentication() .withUser("john.carnell").password("password1").roles("USER") .and() .withUser("william.woodward").password("password2").roles("USER", "ADMIN"); }} and lastly
@Configuration public class OAuth2Config extends AuthorizationServerConfigurerAdapter {
@Autowired private AuthenticationManager authenticationManager; @Autowired private UserDetailsService userDetailsService; @Override public void configure(ClientDetailsServiceConfigurer clients) throws Exception { clients.inMemory() .withClient("eagleeye") .secret("thisissecret") .authorizedGrantTypes("refresh_token", "password", "client_credentials") .scopes("webclient", "mobileclient"); } @Override public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { endpoints .authenticationManager(authenticationManager) .userDetailsService(userDetailsService); }}
However upon passing the valid credentials on POSTMAN. give me a response of
{ "timestamp": 1491436869552, "status": 401, "error": "Unauthorized", "message": "Bad credentials", "path": "/oauth/token/" }
Did I missed anything on my configuration?
I was basing this on your example I just removed Hystrix, Zuul.. This is just a standalone Auth server. Here are the parameters I have passed on Postman (Check the images below)
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or mute the thread.
kyeljmd
I'm trying out spring securty oauth2 with in memory users, and running it through postman.
I've only set 3 classes namely,
Application.java
WebSecurityConfigure.java
and lastly
However upon passing the valid credentials on POSTMAN. give me a response of
{ "timestamp": 1491436869552, "status": 401, "error": "Unauthorized", "message": "Bad credentials", "path": "/oauth/token/" }
Did I missed anything on my configuration?
I was basing this on your example I just removed Hystrix, Zuul.. This is just a standalone Auth server. Here are the parameters I have passed on Postman (Check the images below)
http://imgur.com/U21U8jo
http://imgur.com/j7Qb6eA