1. 程式人生 > >springCloud整合Oauth2時如何設定資源服務ID

springCloud整合Oauth2時如何設定資源服務ID

在資源服務配置中過載資源配置方法

···
@Configuration
@EnableResourceServer
public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {

@Override
public void configure(HttpSecurity http) throws Exception {
    // @formatter:off
    http.antMatcher("/client/userinfo").authorizeRequests().anyRequest().authenticated();
    // @formatter:on
}

@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
    resources.resourceId("authorize-server"); //重點,設定資源id
}

}
···

把資源id加到clientdetails中

···
@Configuration
@EnableAuthorizationServer
public class OAuth2Configuration extends AuthorizationServerConfigurerAdapter {

public static final String RESOURCE_ID = "bookmarks";

@Autowired
AuthenticationManagerBuilder authenticationManager;

@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints)
    throws Exception {
endpoints.authenticationManager(new AuthenticationManager() {
    @Override
    public Authentication authenticate(Authentication authentication)
            throws AuthenticationException {
        return authenticationManager.getOrBuild().authenticate(
                authentication);
        }
    });
}

@Override
public void configure(ClientDetailsServiceConfigurer clients)
    throws Exception {

    clients.inMemory()
        .withClient("android-" + RESOURCE_ID)
        .authorizedGrantTypes("password", "authorization_code", "refresh_token")
        .authorities("ROLE_USER")
        .scopes("write")
        .secret("123456")
        .resourceIds(“authorize-server”); //注意這裡
}

}
···

否則會報以下錯誤

{"error":"access_denied",
"error_description":"Invalid token does not contain resource id (oauth2-resource)"
}
  • 如果覺得有幫忙請推薦給朋友,最好能送顆星,謝謝