Сервер авторизации Springboot Oauth2 /oauth2/token path не найден 404

Question

Сервер авторизации Springboot Oauth2 /oauth2/token path не найден 404

Я установил зависимости с новым сервером авторизации Spring Security Oauth2. все работает хорошо. я могу получить код авторизации на этой конечной точке и параметры

http://127.0.0.1:8080/oauth2/authorize?client_id=client&redirect_uri=redirect_uri&code_challenge=code&code_challenge_method=S256&response_type=code&scope=openid

но когда я пытаюсь получить токен доступа, сервер возвращает не найденный статус 404 на этой конечной точке

http://127.0.0.1:8080/oauth2/token?client_id=client&redirect_uri=redirect_uri&code_verifier=code&grant_type=authorization_code&code=code

так что я не знаю, пропустил ли я что-то в моей конфигурации

это моя конфигурация сервера авторизации

      @Configuration
@RequiredArgsConstructor
public class AuthorizationServerConfig {
    private final PasswordEncoder passwordEncoder;

    @Bean
    @Order(Ordered.HIGHEST_PRECEDENCE)
    public SecurityFilterChain securityFilterChainAs(HttpSecurity http) throws Exception {
        OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http);
        http.exceptionHandling(exceptions -> exceptions.authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login")));
        return http.formLogin().and().build();
    }

    @Bean
    public OAuth2AuthorizationService authorizationService(JdbcTemplate jdbcTemplate, RegisteredClientRepository registeredClientRepository) {
        return new JdbcOAuth2AuthorizationService(jdbcTemplate, registeredClientRepository);
    }

    @Bean
    public OAuth2AuthorizationConsentService authorizationConsentService(JdbcTemplate jdbcTemplate, RegisteredClientRepository registeredClientRepository) {
        return new JdbcOAuth2AuthorizationConsentService(jdbcTemplate, registeredClientRepository);
    }

    @Bean
    public RegisteredClientRepository registeredClientRepository(JdbcTemplate jdbcTemplate) {
        
        RegisteredClientRepository repository =  new JdbcRegisteredClientRepository(jdbcTemplate);
        RegisteredClient client = repository.findByClientId("e8e0bb02-7e8e-4768-9e98-70b6359ad321");
        if (client==null){
            client = RegisteredClient.withId(UserIdGenerator.generateClientId())
                    .clientId("client")
                    .clientSecret(passwordEncoder.encode("password"))
                    .clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
                    .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
                    .authorizationGrantType(AuthorizationGrantType.REFRESH_TOKEN)
                    .redirectUri("http://127.0.0.1:4200/authorized")
                    .scope(OidcScopes.OPENID)
                    .scope("read")
                    .scope("write")
                    .build();
        }
        repository.save(client);
        return repository;
    }

    @Bean
    public JWKSource<SecurityContext> jwkSource() {
        RSAKey rsaKey = Jwks.generateRsa();
        JWKSet jwkSet = new JWKSet(rsaKey);
        return (jwkSelector, securityContext) -> jwkSelector.select(jwkSet);
    }

    @Bean
    public JwtDecoder jwtDecoder(JWKSource<SecurityContext> jwkSource) {
        return OAuth2AuthorizationServerConfiguration.jwtDecoder(jwkSource);
    }

    @Bean
    public ProviderSettings providerSettings() {
        return ProviderSettings.builder().build();
    }
}

Конфигурация безопасности по умолчанию

      @EnableWebSecurity
@Configuration(proxyBeanMethods = true)
@RequiredArgsConstructor
public class DefaultSecurityConfig {
    private final PasswordEncoder passwordEncoder;
    private final UserManager userManager;
    private final CustomAccessDeniedHandler accessDeniedHandler;
    private final CustomLoginSuccessHandler loginSuccessHandler;
    private final CustomLogoutSuccessHandler logoutSuccessHandler;
    private final CustomAuthenticationFailureHandler authenticationFailureHandler;

    @Bean
    public AuthenticationManager authManager(HttpSecurity http) throws Exception {
        AuthenticationManagerBuilder authenticationManagerBuilder = http.getSharedObject(AuthenticationManagerBuilder.class);
        authenticationManagerBuilder.authenticationProvider(authenticationProvider());
        return authenticationManagerBuilder.build();
    }

    @Bean
    SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http.authorizeHttpRequests(authorize -> authorize
                .antMatchers("/exposed/**").permitAll()
                .antMatchers("/resources/**", "/js/**", "/webjars/**","/images/**", "/css/**").permitAll()
                .anyRequest().authenticated());
        http.exceptionHandling(exceptions->exceptions
                .accessDeniedHandler(accessDeniedHandler));
        http.formLogin(formLogin-> formLogin.loginPage("/login")
                .failureHandler(authenticationFailureHandler)
                .permitAll());
        http.logout(logout-> logout
                .permitAll()
                .logoutSuccessHandler(logoutSuccessHandler));
        http.httpBasic();
        return http.build();
    }

    @Bean
    public DaoAuthenticationProvider authenticationProvider() {
        DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider();
        authenticationProvider.setUserDetailsService(userManager);
        authenticationProvider.setPasswordEncoder(passwordEncoder);
        return authenticationProvider;
    }
}

просто задайте вопрос, содержащий блоки кода

1

http-status-code-404 authorization-server

Источник

user12776496 29 окт '22 в 06:59

0 ответов

Другие вопросы по тегам http-status-code-404 authorization-server