Saturday, 11 April 2015

Spring OAuth @EnableResourceServer preventing login page from OAuth server

Browser Response for localhost:9999/uaa/oauth/authorize?response_type=code&client_id=acme&redirect_uri=http://example.com is 302 Found,

but response for localhost:9999/uaa/login is 401 Unauthorized.


I could get the login token prior to adding the @EnableResourceServer. I am using Spring Boot and extending WebSecurityConfigurerAdapter to use the authentication manager with a data source. When I tried to add a ResourceServerConfigurerAdapter it wouldn't build. What is the easiest way to allow the login page?



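// OAuthSvcApplication.java
import java.security.Principal;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;

@SpringBootApplication
@RestController
@EnableResourceServer
public class OAuthSvcApplication extends WebMvcConfigurerAdapter {

    private static final Logger log = LoggerFactory.getLogger(OAuthSvcApplication.class);

    // Returns the principal of the authenticated caller
    @RequestMapping("/user")
    public Principal user(Principal user) {
        return user;
    }

    public static void main(String[] args) {
        SpringApplication.run(OAuthSvcApplication.class, args);
    }

}

// SecurityConfiguration.java
import javax.sql.DataSource;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.env.Environment;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;

@Configuration
@EnableGlobalMethodSecurity(securedEnabled = true)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    // User accounts are looked up through JDBC in the configured data source
    @Autowired
    public void configureAuth(AuthenticationManagerBuilder auth, DataSource dataSource, Environment env)
            throws Exception {
        auth.jdbcAuthentication().dataSource(dataSource);
    }

    @Configuration
    @EnableAuthorizationServer
    protected static class OAuth2Config extends AuthorizationServerConfigurerAdapter {

        @Autowired
        private AuthenticationManager authenticationManager;

        @Autowired
        private DataSource dataSource;

        // Wires in the authentication manager used by the password grant
        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints)
                throws Exception {
            endpoints.authenticationManager(authenticationManager);
        }

        // Access rule for the /oauth/check_token endpoint
        @Override
        public void configure(AuthorizationServerSecurityConfigurer security)
                throws Exception {
            security.checkTokenAccess("hasAuthority('USER')");
        }

        // Single in-memory client registration
        @Override
        public void configure(ClientDetailsServiceConfigurer clients)
                throws Exception {
            clients.inMemory()
                    .withClient("acme")
                    .secret("acmesecret")
                    .authorizedGrantTypes("authorization_code",
                            "refresh_token", "password")
                    .scopes("openid");
        }

    }
}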
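
An added example, not part of the original post: in spring-security-oauth2 2.0.x the resource server filter chain is ordered ahead of the WebSecurityConfigurerAdapter chain and by default also claims /login, so one way to keep the login page reachable is to narrow the resource server to the token-protected path. The class name ResourceServerConfig is hypothetical, and the example assumes @EnableResourceServer is moved here from OAuthSvcApplication.

```java
// ResourceServerConfig.java (hypothetical file and class name, added example)
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;

// Assumption: @EnableResourceServer is removed from OAuthSvcApplication and
// declared only on this class, so there is a single resource server config.
@Configuration
@EnableResourceServer
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
            // Restrict the bearer-token filter chain to the API path from the
            // question. Requests outside /user (for example /login and
            // /oauth/authorize) are not matched here and fall through to the
            // form-login chain built by SecurityConfiguration.
            .antMatcher("/user")
            .authorizeRequests()
                // Every request that does reach this chain needs a valid token
                .anyRequest().authenticated();
    }
}
```

With this in place, a request to /user without a bearer token should still be answered with 401, while /login is served by the WebSecurityConfigurerAdapter chain instead of the resource server.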
