spring security oauth2中的"无法获取访问令牌"错误

Question

在我的spring项目中,我有一个在localhost:9999上运行的oauth2客户端应用程序和一个在localhost:8080上运行的oauth2授权服务器.结果,在批准页面之后,我看到错误页面,我不知道是什么问题？当按F12我看到set-cookie完成了!但/ oauth/token没有被调用!和/我也没有打电话!和浏览器不重定向到localhost:9999.

我的客户端应用

package sso.client;
import java.security.Principal;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
import org.springframework.boot.builder.SpringApplicationBuilder;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@EnableAutoConfiguration
@Configuration
@EnableOAuth2Sso
@RestController
public class App {

  @RequestMapping("/")
  public String home(Principal user) {
    return "Hello " + user.getName();
  }

  public static void main(String[] args) {
    new SpringApplicationBuilder(App.class)
        .properties("spring.config.name=client").run(args);
  }

}

client.yml

server:
  port: 9999
security:
  oauth2:
    client:
      client-id: acme
      client-secret: acmesecret
      access-token-uri: http://localhost:8080/oauth/token
      user-authorization-uri: http://localhost:8080/oauth/authorize
    resource:
      user-info-uri: http://localhost:8080/me

我的授权服务器

package sso.raymon;

import java.security.Principal;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@Configuration
@EnableAutoConfiguration
@RestController
@EnableWebSecurity
public class App extends WebSecurityConfigurerAdapter
{
     public static void main(String[] args) {
          SpringApplication.run(App.class, args);
     }

     @Configuration
     @EnableAuthorizationServer
     protected static class OAuth2Config extends AuthorizationServerConfigurerAdapter{

          @Autowired
          private AuthenticationManager authenticationManager;


          @Override
          public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
               endpoints.authenticationManager(authenticationManager);
          }

          @Override
            public void configure(AuthorizationServerSecurityConfigurer security)
                    throws Exception {
                // TODO Auto-generated method stub
                security.allowFormAuthenticationForClients();
            }

          @Override
          public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
               // @formatter:off
               clients.inMemory()
               .withClient("acme")
               .authorizedGrantTypes("authorization_code")
               .authorities("ROLE_CLIENT")
               .scopes("read", "write")
               .secret("acmesecret");
               // @formatter:on
          } 
     }
     @RequestMapping("/me") 
     public String home(Principal user) {
          return user.getName();
     }

     @Configuration
     @EnableResourceServer 
     protected static class ResourceServer extends ResourceServerConfigurerAdapter {

          @Override 
          public void configure(HttpSecurity http) throws Exception {
              http
                    .antMatcher("/me")
                    .authorizeRequests().anyRequest().authenticated();
          }

     }
}

application.properties

security.user.name=forough
security.user.password=m123

打击URL错误:

本地主机:9999 /登录代码= xZgYwZ&状态= 27XzVY

错误:

Whitelable错误页面此应用程序没有/ error的显式映射,因此您会看到这是一个回退.有一个意想不到的错误(类型=未经授权,atatus = 401).身份验证失败:无法获取访问令牌