Spring Security – There is no PasswordEncoder mapped for the id “null”
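Solution:
Version 5.x added several password encoding schemes, so one has to be specified explicitly. Either of the following beans resolves the error (declare only one of them). NoOpPasswordEncoder does no hashing and compares passwords in plain text; it is deprecated and only suitable for tests:
    @Bean
    public static NoOpPasswordEncoder passwordEncoder() {
        return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance();
    }
BCryptPasswordEncoder stores and verifies bcrypt hashes, so the stored passwords must be bcrypt hashes:
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }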
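Where the id "null" comes from, as an added example that is not code from the original page: the 5.x default DelegatingPasswordEncoder selects the real encoder from a "{id}" prefix on the stored value, and a value without a prefix has no id. It assumes spring-security-crypto 5.x on the classpath; the class name PasswordEncoderIdDemo and the sample secret are made up for the demo.

```java
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.DelegatingPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

// Hypothetical demo class, not part of the original page.
public class PasswordEncoderIdDemo {

    public static void main(String[] args) {
        // The 5.x default: the "{id}" prefix of the stored value decides
        // which concrete encoder verifies it.
        PasswordEncoder delegating = PasswordEncoderFactories.createDelegatingPasswordEncoder();

        String raw = "112233"; // constructed sample secret

        // New hashes are written with the default id prefix, {bcrypt}.
        String stored = delegating.encode(raw);
        System.out.println("stored form:      " + stored);
        System.out.println("prefixed match:   " + delegating.matches(raw, stored));

        // A value saved without a prefix (plain bcrypt output here) has
        // id == null, so no encoder is mapped and matches() throws.
        String legacy = new BCryptPasswordEncoder().encode(raw);
        try {
            delegating.matches(raw, legacy);
        } catch (IllegalArgumentException e) {
            System.out.println("unprefixed value: " + e.getMessage());
        }

        // Fix 1: store the value with its id prefix.
        System.out.println("after prefixing:  " + delegating.matches(raw, "{bcrypt}" + legacy));

        // Fix 2: keep the stored values and declare which encoder handles
        // entries that carry no id.
        ((DelegatingPasswordEncoder) delegating)
                .setDefaultPasswordEncoderForMatches(new BCryptPasswordEncoder());
        System.out.println("fallback encoder: " + delegating.matches(raw, legacy));
    }
}
```

Declaring a single PasswordEncoder bean, as the page does, replaces the delegating encoder entirely, so every stored value must then be in that one encoder's format.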
Calling the endpoint /com-oauth/oauth/check_token fails
The following error is returned:
{ "timestamp": "2020-02-26T02:57:43.818+0000", "status": 403, "error": "Forbidden", "message": "Forbidden", "path": "/com-oauth/oauth/check_token" }
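Solution:
Override the configure(AuthorizationServerSecurityConfigurer security) method in the authorization server. Both endpoints default to denyAll(), which is why check_token answers 403 until access is configured:
    security.tokenKeyAccess("permitAll()")
            .checkTokenAccess("isAuthenticated()");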
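With the password grant type, this exception is thrown: o.s.s.o.provider.endpoint.TokenEndpoint : Handling error: UnsupportedGrantTypeException, Unsupported grant type: password
Solution:
Override configure(AuthorizationServerEndpointsConfigurer endpoints) in the authorization server:
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.authentication.AuthenticationManager;
    import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
    import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
    import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;

    @Configuration
    @EnableAuthorizationServer
    public class OAuth2AuthorizationServer extends AuthorizationServerConfigurerAdapter {

        // User authentication
        @Autowired
        private AuthenticationManager authenticationManager;

        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
            super.configure(endpoints);
            // Required for the password grant type
            endpoints.authenticationManager(authenticationManager);
        }
    }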
In password mode, refreshing a token throws Handling error: IllegalStateException, UserDetailsService is required.
Running the following command throws Handling error: IllegalStateException, UserDetailsService is required
curl -i -X POST -u 'clientapp2:112233' http://10.216.33.211:10808/com-oauth/oauth/token -H "accept: application/json" -d 'grant_type=refresh_token&refresh_token=b610dfa9-2ee4-4214-bc57-f6b2937d4b27'
Solution:
Configure a UserDetailsService object in the authorization server:
    @Autowired
    private UserDetailServiceImpl userDetailService;

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        // The refresh_token grant needs the userDetailService to be injected
        endpoints.userDetailsService(userDetailService);
        // Required for the password grant type
        endpoints.authenticationManager(this.authenticationManager);
    }
Form submission is not supported
Run the command:
curl -X POST "http://10.216.33.211:10808/com-oauth/oauth/token" -d "grant_type=client_credentials&scope=read_contacts&client_id=clientapp&client_secret=112233"
Error returned:
{"timestamp":"2019-07-11T02:27:29.962+0000","status":401,"error":"Unauthorized","message":"Unauthorized","path":"/com-oauth/oauth/token"}
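Solution:
By default the token endpoint accepts client credentials only through HTTP Basic authentication, so client_id and client_secret sent as form parameters are ignored. Override the configure(AuthorizationServerSecurityConfigurer security) method in the authorization server so that it accepts form submission, via security.allowFormAuthenticationForClients();
    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        security.allowFormAuthenticationForClients()
                .tokenKeyAccess("permitAll()")
                .checkTokenAccess("isAuthenticated()");
    }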