OAuth2 não é acessível a partir de arrogância

votos
0

Estou ficando 401 quando tento acessar OAuth2 de arrogância. Ele está funcionando bem, se Swagger é configurado no mesmo projeto e em execução na mesma porta. Mas quando eu configurar arrogância em outro projeto com porta diferente, então ele dá 401.

OAuth2 é acessível e funcionando bem com Postman. Eu não sou capaz de encontrar por isso que está dando 401 de porta diferente. Fui verificar regras de entrada / saída da porta de correr. Existe alguma outra configuração necessária para o acesso OAuth de diferentes servidor ou porta?

Projeto OAuth2 está configurado em http: // localhost: 8090 / projeto SpringBoot está configurado em http: // localhost: 8888 / de onde OAuth2 está dando 401.

WebSecurityConfiguration

@Configuration
@EnableWebSecurity
public class CustomWebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Lazy
    @Autowired
    private UserDetailsService userDetailsService;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Autowired
    public void configureGlobal(final AuthenticationManagerBuilder auth) throws Exception {
        auth
                .userDetailsService(userDetailsService)
                .passwordEncoder(passwordEncoder);
    }

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                .antMatchers(HttpMethod.OPTIONS).permitAll()
                .antMatchers(/oauth/**).permitAll()
                .antMatchers(/login).permitAll()
                .anyRequest().authenticated()
                .and()
                .httpBasic()
                .and()
                .csrf().disable();
    }
    /*
     * https://github.com/spring-projects/spring-boot/issues/11136
     * Expose it manually (there is bug)
     *
     * */


    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }
}

AuthorizationServerConfig:

@Configuration
@EnableAuthorizationServer
public class CustomAuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    private static final String CLIENT_ID = client;
    private static final String CLIENT_SECRET = secret;
    private static final String GRANT_TYPE_PASSWORD = password;
    private static final String GRANT_TYPE_CLIENT_CREDENTIALS = client_credentials;
    private static final String GRANT_TYPE_REFRESH_TOKEN = refresh_token;
    private static final String GRANT_TYPE_AUTH_CODE = authorization_code;

    private static final String SCOPE_READ = read;
    private static final String SCOPE_WRITE = write;
    private static final String SCOPE_TRUST = trust;

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private CustomUserDetailService userDetailsService;
    @Autowired
    private PasswordEncoder passwordEncoder;

    @Value(${config.oauth2.tokenTimeout})
    private int ACCESS_TOKEN_VALIDITY_SECONDS;

    @Value(${config.oauth2.tokenTimeout})
    private int REFRESH_TOKEN_VALIDITY_SECONDS;

    @Value(${config.oauth2.privateKey})
    private String privateKey;

    @Value(${config.oauth2.publicKey})
    private String publicKey;

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients
                .inMemory()
                .withClient(CLIENT_ID)
                .authorizedGrantTypes(GRANT_TYPE_CLIENT_CREDENTIALS, GRANT_TYPE_PASSWORD, GRANT_TYPE_REFRESH_TOKEN, GRANT_TYPE_AUTH_CODE)
                .authorities(ROLE_CLIENT, ROLE_TRUSTED_CLIENT)
                .scopes(SCOPE_READ, SCOPE_WRITE, SCOPE_TRUST)
                .resourceIds(oauth2-resource)
                .accessTokenValiditySeconds(ACCESS_TOKEN_VALIDITY_SECONDS)
                .refreshTokenValiditySeconds(REFRESH_TOKEN_VALIDITY_SECONDS)
                .secret(passwordEncoder.encode(CLIENT_SECRET));
    }


    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints.authenticationManager(authenticationManager)
                .allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST)
                .tokenStore(tokenStore())
                .userDetailsService(userDetailsService)
                .tokenServices(tokenServices())
                .accessTokenConverter(accessTokenConverter());
    }

    @Bean
    public JwtAccessTokenConverter accessTokenConverter() {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        converter.setSigningKey(privateKey);

        return converter;
    }

    @Bean
    public JwtTokenStore tokenStore() {
        return new JwtTokenStore(accessTokenConverter());
    }

    @Bean
    @Primary
    public DefaultTokenServices tokenServices() {
        DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
        defaultTokenServices.setTokenStore(tokenStore());
        defaultTokenServices.setSupportRefreshToken(true);
        defaultTokenServices.setTokenEnhancer(accessTokenConverter());
        return defaultTokenServices;
    }

    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        security.checkTokenAccess(isAuthenticated())
                .tokenKeyAccess(permitAll());
    }
}

WebSecureConfigurerAdapter:

@Configuration
@EnableResourceServer
public class CustomResourceConfig extends ResourceServerConfigurerAdapter {    
    @Value(${config.oauth2.publicKey})
    private String publicKey;

    @Value(${config.oauth2.privateKey})
    private String privateKey;

    @Value(${config.oauth2.resource.id})
    private String resourceId;

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
                .csrf().disable()
                .authorizeRequests()
                .antMatchers(HttpMethod.OPTIONS).authenticated()
                .antMatchers(HttpMethod.OPTIONS).permitAll()
                .antMatchers(/, /home, /register, /login).permitAll()
                .antMatchers(/oauth/**).authenticated();

    }

    @Override
    public void configure(ResourceServerSecurityConfigurer resources) {
        resources
                .resourceId(resourceId)
                .tokenServices(tokenServices())
                .tokenStore(tokenStore());
    }

    @Bean
    @Primary
    public DefaultTokenServices tokenServices() {
        DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
        defaultTokenServices.setTokenStore(tokenStore());
        defaultTokenServices.setSupportRefreshToken(true);
        defaultTokenServices.setTokenEnhancer(accessTokenConverter());
        return defaultTokenServices;
    }


    @Bean
    public JwtAccessTokenConverter accessTokenConverter() {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        converter.setSigningKey(privateKey);
        return converter;
    }

    @Bean
    public JwtTokenStore tokenStore() {
        return new JwtTokenStore(accessTokenConverter());
    }
}
Publicado 20/10/2018 em 14:03
fonte usuário
Em outras línguas...                            

Cookies help us deliver our services. By using our services, you agree to our use of cookies. Learn more