无法获得

无法获得

关注
发信
关注(28)粉丝(399)

spirng boot 2 jwt oauth2 + angular 5无法获得JWT

本文介绍了spirng boot 2 jwt oauth2 + angular 5无法获得JWT的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我是使用Spring Boot和Spring Security的新手,我正在尝试实现oauth2以生成JWT并在angular5应用程序中使用此令牌,我的情况是,在实现后,如果使用邮递员,我可以获取该令牌或卷曲,但是当我以角度使用Web客户端时,我无法获得令牌.

I'm new working with spring boot and spring security and I'm trying to implement oauth2 to generate a JWT and used this token in an angular5 application, my situation is that after implementation I can get the token if a use postman or curl but when I use my web client in angular I can't get the token.

这就是我所做的.

我的登录方法是有角的

login(username: string, password: string ) {
    const params:  HttpParams = new  HttpParams();
    const headers: Headers = new Headers();

    params.set('username', 'GDELOSSANTOS');
    params.set('password', 'ADMIN');
    params.set('client_id', 'ADMIN');
    params.set('client_secret', 'ADMIN');
    params.set('grant_type', 'password');
    params.set('scope', '*');

    headers.set('Content-Type', 'application/x-www-form-urlencoded');

      return this.http.post(Constante.BACKEND_TOKEN_REQUEST, {headers}, {params} ).subscribe
          (res => this.setSession);
  }

我的授权服务器

@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    private static final Logger logger = LogManager.getLogger(AuthorizationServerConfig.class);

    @Value("${security.oauth2.resource.id}")
    private String resourceId;

    @Autowired
    @Qualifier("authenticationManagerBean")
    private AuthenticationManager authenticationManager;

    @Override
    public void configure(final AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
        oauthServer.tokenKeyAccess("permitAll()")
        .checkTokenAccess("isAuthenticated()");
    }

    @Override
    public void configure(final ClientDetailsServiceConfigurer clients) throws Exception {
        logger.traceEntry();

        clients
        .inMemory()
        .withClient(ConstanteUtil.Seguridad.CLIEN_ID)
        .secret(Seguridad.CLIENT_SECRET)
        .authorizedGrantTypes(Seguridad.GRANT_TYPE_PASSWORD, Seguridad.AUTHORIZATION_CODE, Seguridad.REFRESH_TOKEN, Seguridad.IMPLICIT )
        .authorities(UsusarioRoles.ROLE_ADMIN, UsusarioRoles.ROLE_USER)
        .resourceIds(resourceId)
        .scopes(Seguridad.SCOPE_READ, Seguridad.SCOPE_WRITE, Seguridad.TRUST)
        .accessTokenValiditySeconds(Seguridad.ACCESS_TOKEN_VALIDITY_SECONDS).
        refreshTokenValiditySeconds(Seguridad.FREFRESH_TOKEN_VALIDITY_SECONDS);
        logger.info("Configuracion " + clients);
        logger.traceExit();
    }

    @Bean
    @Primary
    public DefaultTokenServices tokenServices() {
        final DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
        defaultTokenServices.setTokenStore(tokenStore());
        defaultTokenServices.setSupportRefreshToken(true);
        return defaultTokenServices;
    }

    @Override
    public void configure(final AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        final TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();
        tokenEnhancerChain.setTokenEnhancers(Arrays.asList(tokenEnhancer(), accessTokenConverter()));
        endpoints.tokenStore(tokenStore())
        .tokenEnhancer(tokenEnhancerChain)
        .authenticationManager(authenticationManager);
    }

    @Bean
    public TokenStore tokenStore() {
        return new JwtTokenStore(accessTokenConverter());
    }

    @Bean
    public JwtAccessTokenConverter accessTokenConverter() {
        final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        converter.setSigningKey("123");
        return converter;
    }

    @Bean
    public TokenEnhancer tokenEnhancer() {
        return new CustomTokenEnhancer();
    }

}

我的资源服务器

@Configuration
@EnableResourceServer
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {

    private static final Logger logger = LogManager.getLogger(AuthorizationServerConfig.class);

    @Value("${security.oauth2.resource.id}")
    private String resourceId;

    @Override
    public void configure(final HttpSecurity http) throws Exception {
        logger.traceEntry("Entrada configure");
        // @formatter:off
        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
        .and()
        .authorizeRequests().anyRequest().permitAll();
        logger.info("Ejecucion de metodo " + http);
        // @formatter:on
    }

    @Override
    public void configure(final ResourceServerSecurityConfigurer config) {
        config.resourceId(resourceId).stateless(true);  }
}

WebSecurity

The WebSecurity

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    private static final Logger logger = LogManager.getLogger(WebSecurityConfig.class);


    @Autowired
    @Resource(name = "UsuarioService")
    private UserDetailsService userDetailsService;

    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    @Autowired
    public void globalUserDetails(AuthenticationManagerBuilder auth) throws Exception {
        logger.traceEntry("globalUserDetails", auth);
        auth.userDetailsService(userDetailsService)
        .passwordEncoder(encoder());

        logger.traceExit("globalUserDetails", auth);
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        logger.traceEntry();
        logger.info("ejecutando configuracion " + http);
        http.cors().disable()
        .csrf().disable()
        .anonymous().disable()
        .authorizeRequests()
        .antMatchers("/login", "/logout.do").permitAll()
        .antMatchers("/**").authenticated()
        .and().formLogin().loginPage("/login").permitAll()
        .and().httpBasic();

        logger.info("se ejecuto configuracion " + http);

    }

    @Bean
    public BCryptPasswordEncoder encoder(){
        return new BCryptPasswordEncoder();
    }

    @Bean
    public FilterRegistrationBean corsFilter() {
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        CorsConfiguration config = new CorsConfiguration();
        config.setAllowCredentials(true);
        config.addAllowedOrigin("*");
        config.addAllowedHeader("*");
        config.addAllowedMethod("*");
        source.registerCorsConfiguration("/**", config);
        FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
        bean.setOrder(0);
        return bean;
    }

    @Bean
    public WebMvcConfigurer corsConfigurer() {
        return new WebMvcConfigurerAdapter() {
            @Override
            public void addCorsMappings(CorsRegistry registry) {
                registry.addMapping("/auth/token").allowedOrigins("http://localhost:9000");
            }
        };
    }
}

UserDetailService的loadUserDetail的实现@Override public UserDetails loadUserByUsername(String username)抛出UsernameNotFoundException { logger.traceEntry("Iniciando loadUserByUsername"); /这里我们正在使用虚拟数据,您需要从以下位置加载用户数据 数据库或其他第三方应用程序/ 尝试 { Usuario usuario = findAllUsuarioRoleByName(用户名); logger.info(成功使用我们的密码" + usuario);

The implementation of loadUserDetail of UserDetailService@Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { logger.traceEntry("Iniciando loadUserByUsername"); /Here we are using dummy data, you need to load user data from database or other third party application/ try { Usuario usuario = findAllUsuarioRoleByName(username); logger.info("Se encontro el usaurio " + usuario);

    UserBuilder builder = null;
    if (usuario != null) {
        List<String> roles =  new ArrayList<>();

        Collection<UsuarioRole> usuarioRoleByUsuarioName = usuarioRoleRepository.findAllUsuarioRoleByUsuarioName(usuario.getNombreUsuario());
        logger.info("Roles encontrados " + usuarioRoleByUsuarioName.size());
        for(UsuarioRole usuarioRole : usuarioRoleByUsuarioName) {
            roles.add(usuarioRole.getRole().getNombreRole());
        }

        String[] rolesArray = new String[roles.size()];
        rolesArray = roles.toArray(rolesArray);

        builder = org.springframework.security.core.userdetails.User.withUsername(username);
        builder.password(new BCryptPasswordEncoder().encode(usuario.getClaveUsuario()));
        for (String string : rolesArray) {
            logger.debug("**** " + string);
        }
        builder.roles(rolesArray);
    } else {
        throw new UsernameNotFoundException("User not found.");
    }

    return builder.build();
    }finally {
        logger.traceExit("Finalizando loadUserByUsername");
    }
}

推荐答案

对角度代码进行以下调整.

Make the following adjustments to your angular code.

  1. 通过Authorization标头传递client_id和client_secret.

  2. 在发布之前对对象进行序列化(您可以参考此 answer ).

login(username: string, password: string ) {

    let body = {
        username: 'GDELOSSANTOS',
        password: 'ADMIN',
        grant_type: 'password'
    };

    // Serialize body object

    let bodySerialized = 'grant_type=password&password=ADMIN&username=GDELOSSANTOS';

    let headers = new HttpHeaders()
        .set('Content-Type', 'application/x-www-form-urlencoded')
        .set('Authorization', 'Basic ' + btoa("ADMIN:ADMIN"));

    return this.http.post(Constante.BACKEND_TOKEN_REQUEST,
        bodySerialized,
        {
            headers: headers
        }).subscribe(res => this.setSession);
 }

这篇关于spirng boot 2 jwt oauth2 + angular 5无法获得JWT的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

09-02 02:04
Powered by LMLPHP ©2024 无法获得 0.036320