When hitting the oauth/token API from an Angular app, I get a 401 Unauthorized "access denied" error. I am not able to figure out what's missing. Please help.
The code is below:
securityconfiguration.java
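/**
 * Spring Security configuration for the application's HTTP endpoints.
 *
 * <p>Registers the custom {@code UserDetailsService}, installs the CORS filter ahead of
 * {@code ChannelProcessingFilter}, configures logout, disables CSRF protection and exposes
 * the {@code AuthenticationManager} as a bean so the authorization server can inject it.
 *
 * <p>Identifier casing has been restored to the Spring API's spelling; string literals are
 * kept as shown on the page. NOTE(review): the page text appears to have been lower-cased,
 * so case-sensitive values (realm, role names) should be checked against the real project.
 */
@Order(2)
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Autowired
    UserDetailsService customUserDetailsService;

    @Autowired
    private CustomLogoutSuccessHandler customLogoutSuccessHandler;

    // Not referenced anywhere else in this class as shown.
    private static String realm = "my_test_realm";

    /**
     * Wires the custom user-details service into the global authentication builder.
     *
     * @param auth the builder Spring passes in
     * @throws Exception if the builder rejects the configuration
     */
    @Autowired
    public void configureGlobalSecurity(AuthenticationManagerBuilder auth) throws Exception {
        // NOTE(review): no password encoder is set on this builder; confirm how the
        // passwords returned by customUserDetailsService are stored and compared.
        auth.userDetailsService(customUserDetailsService);
    }

    /**
     * Configures the HTTP filter chain: CORS filter, logout handling, CSRF and URL rules.
     *
     * @param http the security builder for this chain
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
            // The CORS filter must run before Spring Security rejects a cross-origin request.
            .addFilterBefore(new WebSecurityConfig(), ChannelProcessingFilter.class)
            .exceptionHandling()
            .and()
            .logout()
                .logoutUrl("/oauth/logout")
                .logoutSuccessHandler(customLogoutSuccessHandler)
            .and()
            // CSRF protection is switched off for every request handled by this chain.
            .csrf()
                .disable()
            .authorizeRequests()
                // Each pattern is its own argument. The original passed one comma-separated
                // string, which antMatchers treats as a single literal pattern, so the role
                // rule never applied and everything fell through to anyRequest().
                // NOTE(review): if /uaa is the servlet context path, patterns are matched
                // against the path after it - confirm these prefixes are intended.
                .antMatchers("/uaa/**", "/uaa/oauth/token", "/uaa/oauth/authorize")
                    // Role names are case-sensitive; hasRole prepends the ROLE_ prefix.
                    .hasRole("admin")
                .anyRequest()
                    .authenticated();
    }

    /**
     * Excludes every OPTIONS request from the Spring Security filter chain.
     *
     * @param web the web-security builder
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    public void configure(WebSecurity web) throws Exception {
        // Ignored requests bypass all security filters, not just authentication.
        web.ignoring().antMatchers(HttpMethod.OPTIONS, "/**");
    }

    /**
     * Exposes the adapter's {@code AuthenticationManager} as a bean so that other
     * configuration classes can inject it by the name {@code authenticationManagerBean}.
     *
     * @return the authentication manager built by this adapter
     * @throws Exception if the manager cannot be created
     */
    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }
}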
oauthconfiguration.java
/**
 * OAuth2 authorization-server configuration backed by JDBC.
 *
 * <p>Tokens, authorization codes and client details are all stored through the injected
 * {@code DataSource}. Identifier casing has been restored to the Spring API's spelling;
 * string literals are kept as shown on the page, except where the literal is itself an
 * identifier (the qualifier bean name and the two security expressions).
 */
@Configuration
@EnableAuthorizationServer
public class OAuthConfiguration extends AuthorizationServerConfigurerAdapter {

    private final transient Logger logger = LoggerFactory.getLogger(OAuthConfiguration.class);

    @Autowired
    private DataSource dataSource;

    @Autowired
    private CustomAuthenticationEntryPoint customAuthenticationEntryPoint;

    // Injected by bean name from the web-security configuration.
    @Autowired
    @Qualifier("authenticationManagerBean")
    private AuthenticationManager authenticationManager;

    @Autowired
    UserDetailsService customUserDetailsService;

    /** @return a token store that persists access and refresh tokens through JDBC */
    @Bean
    public TokenStore tokenStore() {
        return new JdbcTokenStore(dataSource);
    }

    /** @return authorization-code storage that persists codes through JDBC */
    @Bean
    protected AuthorizationCodeServices authorizationCodeServices() {
        return new JdbcAuthorizationCodeServices(dataSource);
    }

    /** @return the BCrypt encoder applied to client secrets in the client configuration */
    @Bean
    public BCryptPasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    /**
     * Builds the primary token-services bean with refresh tokens enabled.
     *
     * <p>The endpoints configurer in this class is handed the token store directly rather
     * than this bean.
     *
     * @return token services using the JDBC token store
     */
    @Bean
    @Primary
    public DefaultTokenServices tokenServices() {
        final DefaultTokenServices services = new DefaultTokenServices();
        services.setSupportRefreshToken(true);
        services.setTokenStore(tokenStore());
        return services;
    }

    /**
     * Connects the token endpoint to the token store, the shared authentication manager
     * (needed for the password grant) and the user-details service.
     */
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints
            .tokenStore(tokenStore())
            .authenticationManager(authenticationManager)
            .userDetailsService(customUserDetailsService);
    }

    /**
     * Sets access rules for the token-key and check-token endpoints and adds a Basic
     * authentication filter in front of the token endpoint.
     */
    @Override
    public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
        // The token-key endpoint is open to unauthenticated callers; check-token is not.
        oauthServer
            .tokenKeyAccess("permitAll()")
            .checkTokenAccess("isAuthenticated()")
            .authenticationEntryPoint(customAuthenticationEntryPoint);

        // NOTE(review): this filter authenticates against the user authentication manager,
        // not the client-details store - confirm that is what the token endpoint should use.
        final BasicAuthenticationFilter basicAuthFilter =
            new BasicAuthenticationFilter(authenticationManager, customAuthenticationEntryPoint);
        oauthServer.addTokenEndpointAuthenticationFilter(basicAuthFilter);
    }

    /**
     * Registers one client in the JDBC client-details store.
     *
     * <p>NOTE(review): the client secret is a short literal committed in source and repeated
     * in application.properties; it belongs in externalised secret configuration. The
     * "implicit" and "password" grants are discouraged by current OAuth security guidance
     * and are worth dropping if the Angular client can use the authorization-code flow.
     */
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        // presumably the builder writes this client row when the context starts; verify what
        // happens on a restart when the row already exists
        clients
            .jdbc(dataSource)
            .passwordEncoder(passwordEncoder())
            .withClient("clientid")
                .authorizedGrantTypes(
                    "password", "refresh_token", "authorization_code", "client_credentials", "implicit")
                .authorities("role_admin")
                .scopes("read", "write", "trust")
                .secret("123456")
                // Access tokens live 30 minutes, refresh tokens 50 minutes.
                .accessTokenValiditySeconds(1800)
                .refreshTokenValiditySeconds(3000);
    }
}
websecurityconfig.java
/**
 * Servlet filter that adds CORS response headers to every request and answers OPTIONS
 * (preflight) requests itself with 200 instead of passing them down the chain.
 *
 * <p>Identifier casing has been restored to the Servlet/Spring API's spelling; header
 * strings are kept as shown on the page.
 *
 * <p>NOTE(review): the allowed origin is the wildcard, so any site may call these endpoints
 * from a browser and send an Authorization header. An explicit allow-list of the Angular
 * app's origin(s) is the usual setting for a token endpoint.
 */
@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class WebSecurityConfig implements Filter {

    /**
     * Writes the CORS headers, then either finishes a preflight request or continues
     * the filter chain.
     *
     * @param req   the incoming request; cast to {@code HttpServletRequest}
     * @param res   the outgoing response; cast to {@code HttpServletResponse}
     * @param chain the remaining filters
     * @throws IOException      propagated from the chain
     * @throws ServletException propagated from the chain
     */
    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        final HttpServletResponse httpResponse = (HttpServletResponse) res;
        final HttpServletRequest httpRequest = (HttpServletRequest) req;

        httpResponse.setHeader("access-control-allow-origin", "*");
        httpResponse.setHeader("access-control-allow-methods", "post, get, options, delete, put");
        httpResponse.setHeader("access-control-allow-headers",
            "content-type, authorization, x-requested-with, origin, accept, x-auth-token");

        final boolean isPreflight = "options".equalsIgnoreCase(httpRequest.getMethod());
        if (isPreflight) {
            // Preflight ends here: no later filter, including Spring Security, sees it.
            httpResponse.setStatus(HttpServletResponse.SC_OK);
            return;
        }
        chain.doFilter(req, res);
    }

    /** No initialisation is needed. */
    @Override
    public void init(FilterConfig filterConfig) {
    }

    /** Nothing to release. */
    @Override
    public void destroy() {
    }
}
resourceserverconfig.java
/**
 * Resource-server configuration that makes OAuth2 expressions available to
 * method-security annotations.
 *
 * <p>Identifier casing has been restored to the Spring API's spelling.
 */
@Configuration
@EnableResourceServer
public class ResourceServerConfig extends GlobalMethodSecurityConfiguration {

    /**
     * Replaces the default method-security expression handler with the OAuth2-aware one.
     *
     * @return a new {@code OAuth2MethodSecurityExpressionHandler}
     */
    @Override
    protected MethodSecurityExpressionHandler createExpressionHandler() {
        final MethodSecurityExpressionHandler oauth2Handler = new OAuth2MethodSecurityExpressionHandler();
        return oauth2Handler;
    }
}
application.properties
# OAuth2 client registration used by this application.
security.oauth2.client.clientid: clientid
# NOTE(review): the client secret is stored here in plain text and matches the literal in
# OAuthConfiguration; supply it from the environment or a secret store instead.
security.oauth2.client.clientsecret: 123456
security.oauth2.client.authorized-grant-types: password,refresh_token,authorization_code,client_credentials
security.oauth2.client.scope: read,write,trust
# Both endpoints use plain http on localhost; outside local development they need TLS.
security.oauth2.client.accesstokenuri=http://localhost:8080/uaa/oauth/token
security.oauth2.client.userauthorizationuri=http://localhost:8080/uaa/oauth/authorize
# "query" sends the access token as a URL query parameter, where it can end up in access
# logs and browser history; the header scheme avoids that.
security.oauth2.client.authenticationscheme=query
# "form" sends the client id and secret in the request body.
security.oauth2.client.clientauthenticationscheme=form
security.oauth2.resource.filter-order = 3
# NOTE(review): this key uses the spring.oauth2 prefix while every other key uses
# security.oauth2 - confirm which prefix the Spring Boot version in use actually binds.
spring.oauth2.resource.userinfouri: http://localhost:8080/uaa/user
In case anyone is stuck on a similar problem, below is the solution:
There was a problem in JdbcTokenStore. I had to create a protected inner class that extends JdbcTokenStore and define my own readAccessToken() method. That solved the issue.