Closed kyeljmd closed 7 years ago
Hi Kyle did you remember to set application key and password in the basic auth headers.
Sent from my iPhone
On Apr 5, 2017, at 8:24 PM, Kyel John M. David notifications@github.com wrote:
I'm trying out spring securty oauth2 with in memory users, and running it through postman.
I've only set 3 classes namely,
Application.java
@SpringBootApplication @RestController @EnableResourceServer @EnableAuthorizationServer public class Application {
@RequestMapping(value = { "/user" }, produces = "application/json") public Map<String, Object> user(OAuth2Authentication user) { Map<String, Object> userInfo = new HashMap<>(); userInfo.put("user", user.getUserAuthentication().getPrincipal()); userInfo.put("authorities", AuthorityUtils.authorityListToSet(user.getUserAuthentication().getAuthorities())); return userInfo; } public static void main(String[] args) { SpringApplication.run(Application.class, args); }
} WebSecurityConfigure.java
@Configuration public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter { @Override @Bean public AuthenticationManager authenticationManagerBean() throws Exception { return super.authenticationManagerBean(); } @Override protected void configure(HttpSecurity http) throws Exception { http.csrf().disable().authorizeRequests() .anyRequest().authenticated() .antMatchers("/oauth/token/").permitAll().and().formLogin().and().httpBasic(); }
@Override @Bean public UserDetailsService userDetailsServiceBean() throws Exception { return super.userDetailsServiceBean(); } @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth .inMemoryAuthentication() .withUser("john.carnell").password("password1").roles("USER") .and() .withUser("william.woodward").password("password2").roles("USER", "ADMIN"); }
} and lastly
@Configuration public class OAuth2Config extends AuthorizationServerConfigurerAdapter {
@Autowired private AuthenticationManager authenticationManager; @Autowired private UserDetailsService userDetailsService; @Override public void configure(ClientDetailsServiceConfigurer clients) throws Exception { clients.inMemory() .withClient("eagleeye") .secret("thisissecret") .authorizedGrantTypes("refresh_token", "password", "client_credentials") .scopes("webclient", "mobileclient"); } @Override public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { endpoints .authenticationManager(authenticationManager) .userDetailsService(userDetailsService); }
}
However upon passing the valid credentials on POSTMAN. give me a response of
{ "timestamp": 1491436869552, "status": 401, "error": "Unauthorized", "message": "Bad credentials", "path": "/oauth/token/" }
Did I missed anything on my configuration?
I was basing this on your example I just removed Hystrix, Zuul.. This is just a standalone Auth server. Here are the parameters I have passed on Postman (Check the images below)
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or mute the thread.
@carnellj I was able to fix this by adding the ff code:
`
I'm trying out spring securty oauth2 with in memory users, and running it through postman.
I've only set 3 classes namely,
Application.java
WebSecurityConfigure.java
and lastly
However upon passing the valid credentials on POSTMAN. give me a response of
{ "timestamp": 1491436869552, "status": 401, "error": "Unauthorized", "message": "Bad credentials", "path": "/oauth/token/" }
Did I missed anything on my configuration?
I was basing this on your example I just removed Hystrix, Zuul.. This is just a standalone Auth server. Here are the parameters I have passed on Postman (Check the images below)
http://imgur.com/U21U8jo
http://imgur.com/j7Qb6eA