通过使用以下curl命令,我可以访问令牌并获得以下响应
curl用户名:密码@机器名:11002 / appName / oauth /令牌-d grant_type =密码-d用户名= loginFormUserID -d密码= loginFormUserPassword
回应:{
“ entity_id”:9
“ entity_type”:“”,
“ refresh_token”:“ eyJhbGciOiJSUzI1NiJ9。”,
“ scope”:“登录”,
“ expires_in”:3599,
“ entity_name”:“ name”,
“ access_token”:“ eyJhbGciOiJSUzI1NiJ9.ey”,
“ token_type”:“承载者”
}
如果我将使用spring OAuth2RestTemplate我被拒绝访问,这是我的代码详细信息
ResourceOwnerPasswordAccessTokenProvider provider = new ResourceOwnerPasswordAccessTokenProvider();
ResourceOwnerPasswordResourceDetails resource = new ResourceOwnerPasswordResourceDetails();
resource.setClientAuthenticationScheme(AuthenticationScheme.form);
resource.setAccessTokenUri("http://machinename:11002/appName/oauth/token");
resource.setClientId("loginFormUserID");
resource.setClientSecret("loginFormUserPassword");
resource.setGrantType("password");
resource.setUsername("username");
resource.setPassword("password");
OAuth2AccessToken accessToken = provider.obtainAccessToken(resource, new DefaultAccessTokenRequest());
OAuth2RestTemplate restTemplateQ = new OAuth2RestTemplate(resource, new DefaultOAuth2ClientContext(accessToken));
System.out.println( restTemplateQ.getAccessToken());
“线程” main“中的异常error =” access_denied“,error_description =”请求访问令牌时出错。
在org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport.retrieveToken(OAuth2AccessTokenSupport.java:145)
在org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordAccessTokenProvider.obtainAccessToken(ResourceOwnerPasswordAccessTokenProvider.java:47)处
在com.copart.g1.seller.middleware.client.RestTemplateTest.main(RestTemplateTest.java:55)
引起原因:org.springframework.web.client.HttpClientErrorException:401未经授权
在org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:91)
在org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport $ AccessTokenErrorHandler.handleError(OAuth2AccessTokenSupport.java:244)
在org.springframework.web.client.RestTemplate.handleResponse(RestTemplate.java:641)
在org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:597)
在org.springframework.web.client.RestTemplate.execute(RestTemplate.java:565)
在org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport.retrieveToken(OAuth2AccessTokenSupport.java:137)
...另外2个
最佳答案
您需要删除resource.setClientAuthenticationScheme(AuthenticationScheme.form);
正确的形式是AuthenticationScheme.header
类ResourceOwnerPasswordResourceDetails扩展了BaseOAuth2ProtectedResourceDetails,如果您看到此类,则值为AuthenticationScheme.header
谢谢
关于java - OAuth2RestTemplate身份验证问题得到access_denied,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/34192631/