访问http://localhost:8181/oauth/token时出现错误401
访问http://localhost:8181/oauth/token时出现错误401
提问于 2018-07-24 15:16:49
我正在创建一个使用spring security的应用程序和使用spring boot的oauthv2,并且我已经创建了我的授权服务器,当我从postman访问资源'http://localhost:8181/oauth/token‘时,它工作得很好,但是当我从我的angular应用程序访问相同的资源时,它每次都会给我401。我并不是每次都能从angular得到401。
授权服务器
@Configuration
@EnableAuthorizationServer
@EnableGlobalMethodSecurity(prePostEnabled = true)
@Import(ServerSecurityConfig.class)
public class AuthServerOAuth2Config extends AuthorizationServerConfigurerAdapter {
@Autowired
private AuthenticationManager authenticationManager;
@Autowired
private UserDetailsService userDetailsService;
private final AppConfig appConfig;
@Autowired
public AuthServerOAuth2Config( AppConfig appConfig) {
this.appConfig = appConfig;
}
@Bean
public TokenStore tokenStore() {
return new JdbcTokenStore(appConfig.dataSource());
}
@Bean
public OAuth2AccessDeniedHandler oauthAccessDeniedHandler() {
return new OAuth2AccessDeniedHandler();
}
@Override
public void configure(AuthorizationServerSecurityConfigurer oauthServer) {
oauthServer.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.jdbc(appConfig.dataSource());
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
endpoints.tokenStore(tokenStore()).authenticationManager(authenticationManager).userDetailsService(userDetailsService);
}
}CorsFilter
@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class CorsFilter implements Filter {
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
final HttpServletResponse response = (HttpServletResponse) res;
final HttpServletRequest request = (HttpServletRequest) req;
response.addHeader("Access-Control-Allow-Origin", "*");
if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
response.setHeader("Access-Control-Allow-Methods", "POST,GET,DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "content-type,access-control-request-headers,access-control-request-method,accept,origin,authorization,x-requested-with");
response.setStatus(HttpServletResponse.SC_OK);
} else {
chain.doFilter(req, res);
}
}
@Override
public void destroy() {
}
@Override
public void init(FilterConfig config) throws ServletException {
}
}角度代码
signin(user: User){
let params = new URLSearchParams();
params.append('username',user.username);
params.append('password',user.password);
params.append('grant_type','password');
params.append('client_id','web');
let headers = new Headers({'Content-type': 'application/x-www-form-urlencoded; charset=utf-8',
'Authorization': 'Basic '+btoa("fooClientIdPassword:secret")});
let options = new RequestOptions({ headers: headers });
return this._http.post('http://192.168.0.14:8181/oauth/token', params.toString(), options);}
回答 1
Stack Overflow用户
发布于 2018-07-24 19:37:29
您是否提供了WebMvcConfigurer的实现。请创建此配置类并尝试。
@Configuration
public class WebMvcConfig implements WebMvcConfigurer {
@Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**").allowedMethods("HEAD", "GET", "PUT", "POST", "DELETE", "PATCH");
}}
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/51492663
复制相关文章
相似问题
腾讯云开发者
