1
首先開始oAuth2作爲初學者,我運行sparklr2樣本,它工作正常,然後我嘗試測試一些不同類型的授權方案。如何測試卷曲的sparklr2樣本?
爲了參考AuthorizationServerConfiguration類的配置方法是:
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
// @formatter:off
clients
.inMemory()
.withClient("esirius")
.resourceIds(RESOURCE_ID)
.authorizedGrantTypes("authorization_code", "implicit")
.authorities("ROLE_CLIENT")
.scopes("read", "write", "trust")
.secret("secret")
.and()
.withClient("esirius-with-redirect")
.resourceIds(RESOURCE_ID)
.authorizedGrantTypes("authorization_code", "implicit")
.authorities("ROLE_CLIENT")
.scopes("read", "write")
.secret("secret")
.redirectUris(esiriusRedirectUri)
.and()
.withClient("my-client-with-registered-redirect")
.resourceIds(RESOURCE_ID)
.authorizedGrantTypes("authorization_code", "client_credentials")
.authorities("ROLE_CLIENT")
.scopes("read", "trust")
.redirectUris("http://anywhere?key=value")
.and()
.withClient("my-trusted-client")
.authorizedGrantTypes("password", "authorization_code", "refresh_token", "implicit")
.authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT")
.scopes("read", "write", "trust")
.accessTokenValiditySeconds(60)
.and()
.withClient("my-trusted-client-with-secret")
.authorizedGrantTypes("password", "authorization_code", "refresh_token", "implicit")
.authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT")
.scopes("read", "write", "trust")
.secret("somesecret")
.and()
.withClient("my-less-trusted-client")
.authorizedGrantTypes("authorization_code", "implicit")
.authorities("ROLE_CLIENT")
.scopes("read", "write", "trust")
.and()
.withClient("my-less-trusted-autoapprove-client")
.authorizedGrantTypes("implicit")
.authorities("ROLE_CLIENT")
.scopes("read", "write", "trust")
.autoApprove(true);
// @formatter:on
}
第一我成功,同時運行的捲曲是grant_type = client_credentials
%curl% -i -X POST "http://localhost:8002/oauth/token" -H "Accept: application/json" -u "my-client-with-registered-redirect:" -d "grant_type=client_credentials" -d "scope=read"
響應:
{"access_token":"3735d098-fb33-48da-8f87-a950e4bd3df2","token_type":"bearer","expires_in":43199,"scope":"read"}
現在我試圖測試grant_type =密碼scena里奧:
%curl% -i -d "client_id=my-trusted-client" -d "username=marissa" -d "password=koala" -d "grant_type=password" -d "redirect_uri=http://a-dreuz/callback" -H "Accept: application/json" -X POST http://localhost:8002/oauth/token
,並具有響應:
{"error":"unauthorized","error_description":"Full authentication is required to access this resource"}
我已經測試了很多組合成功內部消除的,什麼是錯的這一要求? 我發現這是一個很好的方式來測試請求捲曲curl以瞭解與oAuth2的不同場景。
感謝您的幫助。
感謝@ dave-syer指出我的錯誤,現在我可以使用curl grant_type = password方案請求成功。 %curl%-i -u「my-trusted-client-with-secret:somesecret」-d「username = marissa」-d「password = koala」-d「grant_type = password」-d「scope = read」-H 「Accept:application/json」-X POST http:// localhost:8002/oauth/token – DanyRic