oauth2-demo

Unable to obtain a token via GET

Open evilmiracle opened this issue 6 years ago • 15 comments

Request URL: http://localhost:8080/oauth/token?grant_type=password&scope=select&client_id=client_2&client_secret=123456

Response received:

{"error":"invalid_grant","error_description":"坏的凭证"}

Using the URL provided in your README:

http://localhost:8080/oauth/token?username=user_1&password=123456&grant_type=password&scope=select&client_id=client_2&client_secret=123456

Got this response:

{"error":"server_error","error_description":"Internal Server Error"}

What is the reason for this?

evilmiracle avatar May 11 '18 06:05 evilmiracle

http://localhost:8080/oauth/token?grant_type=password&scope=select&client_id=client_2&client_secret=123456 There is a problem with this request: you used the password grant type but did not include username and password.

http://localhost:8080/oauth/token?username=user_1&password=123456&grant_type=password&scope=select&client_id=client_2&client_secret=123456 This request should get a correct response. Check whether you have made some special configuration; on my side I can get a response. {"error":"server_error","error_description":"Internal Server Error"} Could you post the detailed error log?

lexburner avatar May 11 '18 07:05 lexburner

http://localhost:8080/oauth/token?username=user_1&password=123456&grant_type=password&scope=select&client_id=client_2&client_secret=123456 { "error": "server_error", "error_description": "Internal Server Error" }

Backend error:

```
2018-05-21 16:33:38.490 DEBUG 4112 --- [nio-8080-exec-9] .o.p.p.ResourceOwnerPasswordTokenGranter : Getting access token for: client_2
2018-05-21 16:34:05.335 DEBUG 4112 --- [nio-8080-exec-9] o.s.s.authentication.ProviderManager : Authentication attempt using org.springframework.security.authentication.dao.DaoAuthenticationProvider
2018-05-21 16:34:16.889 WARN 4112 --- [nio-8080-exec-9] o.s.s.o.provider.endpoint.TokenEndpoint : Handling error: IllegalArgumentException, There is no PasswordEncoder mapped for the id "null"
2018-05-21 16:34:16.890 DEBUG 4112 --- [nio-8080-exec-9] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@5cbc01a0
2018-05-21 16:34:16.894 WARN 4112 --- [nio-8080-exec-9] .m.m.a.ExceptionHandlerExceptionResolver : Resolved exception caused by Handler execution: java.lang.IllegalArgumentException: There is no PasswordEncoder mapped for the id "null"
2018-05-21 16:34:16.896 DEBUG 4112 --- [nio-8080-exec-9] o.s.s.w.a.ExceptionTranslationFilter : Chain processed normally
2018-05-21 16:34:16.896 DEBUG 4112 --- [nio-8080-exec-9] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
```

cel105302 avatar May 21 '18 08:05 cel105302

http://localhost:8080/oauth/token?username=user_1&password=123456&grant_type=password&scope=select&client_id=client_2&client_secret=123456

Returns: {"error":"server_error","error_description":"Internal Server Error"}

It reports that it cannot connect to Redis:

```
2018-06-27 16:41:24.182 WARN 3292 --- [nio-8080-exec-1] o.s.s.o.provider.endpoint.TokenEndpoint : Handling error: RedisConnectionFailureException, Unable to connect to Redis; nested exception is io.lettuce.core.RedisConnectionException: Unable to connect to 127.0.0.1:6379
```

leolird avatar Jun 27 '18 08:06 leolird

@cel105302 Try not using curl; your request was actually truncated. I have hit this pitfall too.

lexburner avatar Jun 28 '18 11:06 lexburner

@pingalive Check whether it is a problem with your own Redis service, and whether redis-cli can connect to it.

lexburner avatar Jun 28 '18 11:06 lexburner

@pingalive, thanks, it was already resolved a while ago.

cel105302 avatar Jul 07 '18 13:07 cel105302

@lexburner I did not have Redis installed locally; installing it fixed the problem.

leolird avatar Jul 10 '18 07:07 leolird

Handling error: SerializationException, Cannot deserialize; nested exception is org.springframework.core.serializer.support.SerializationFailedException: Failed to deserialize payload. Is the byte array a result of corresponding serialization for DefaultDeserializer?; nested exception is java.io.InvalidClassException: org.springframework.security.core.authority.SimpleGrantedAuthority; local class incompatible: stream classdesc serialVersionUID = 420, local class serialVersionUID = 500

huang-xuan avatar Jul 11 '18 08:07 huang-xuan

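@huang-xuan This is caused by your Redis serializer being different before and after. It may be that different projects have different configurations, or that the same project changed its configuration, so that the data in Redis cannot be serialized properly.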

lexburner avatar Jul 11 '18 08:07 lexburner

I am using the authorization code grant; the page returns this and I cannot get a token:
error="invalid_client", error_description="Bad client credentials"

huang-xuan avatar Jul 11 '18 09:07 huang-xuan

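The authorization code mode demo seems to have some problems; more than one person has filed an issue. I will find time to debug it soon and reply to everyone once I get it working.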

lexburner avatar Jul 14 '18 01:07 lexburner

@huang-xuan The authorization code mode demo has been updated; pull and take another look.

lexburner avatar Jul 16 '18 03:07 lexburner

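@evilmiracle I forked the project, made the request according to the documentation, and hit the same error. The cause I saw on my side: the request URL contains spaces, mainly a few extra spaces after the &.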

ftqiao avatar Aug 21 '18 02:08 ftqiao

@lexburner The /oauth/token endpoint exposed by TokenEndpoint is mapped for both GET and POST, but the GET handler checks whether allowedRequestMethods contains GET, and by default only POST is supported. See the source code below for details.

```java
// Only POST is allowed on the token endpoint by default.
private Set<HttpMethod> allowedRequestMethods = new HashSet<HttpMethod>(Arrays.asList(HttpMethod.POST));

@RequestMapping(value = "/oauth/token", method=RequestMethod.GET)
public ResponseEntity<OAuth2AccessToken> getAccessToken(Principal principal, @RequestParam
Map<String, String> parameters) throws HttpRequestMethodNotSupportedException {
	// GET is rejected unless it has been added to allowedRequestMethods.
	if (!allowedRequestMethods.contains(HttpMethod.GET)) {
		throw new HttpRequestMethodNotSupportedException("GET");
	}
	return postAccessToken(principal, parameters);
}
```

KevinQian avatar Nov 08 '18 03:11 KevinQian

Add a NoOpPasswordEncoder Bean to your Oauth2Config which extends AuthorizationServerConfigurerAdapter

```java
@Bean
public static NoOpPasswordEncoder passwordEncoder() {
    return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance();
}
```

sharanbm avatar Nov 25 '18 23:11 sharanbm
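
The `There is no PasswordEncoder mapped for the id "null"` error in the log earlier in this thread comes from Spring Security 5's `DelegatingPasswordEncoder`, which expects every stored password to carry an `{id}` prefix naming its encoder. The following is an added example, not code from the thread or from the oauth2-demo project; it reproduces the error and shows a hashed stored value passing the same check. The class name `PasswordEncoderIdDemo` is hypothetical, and it assumes `spring-security-crypto` 5.x on the classpath.

```java
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;

// Hypothetical demo class (assumption: spring-security-crypto 5.x is on the classpath).
public class PasswordEncoderIdDemo {

    // Runs one comparison and turns the exception from an unprefixed
    // stored value into a readable result instead of a stack trace.
    static String check(PasswordEncoder encoder, String raw, String stored) {
        try {
            return encoder.matches(raw, stored) ? "match" : "no match";
        } catch (IllegalArgumentException e) {
            return "error: " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        // The encoder DaoAuthenticationProvider uses when no PasswordEncoder is configured.
        PasswordEncoder encoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
        String raw = "123456"; // demo password used in the thread's request URLs

        // 1. Stored value without an {id} prefix: the encoder cannot tell
        //    which algorithm applies, and the id is reported as "null".
        System.out.println("plain:  " + check(encoder, raw, "123456"));

        // 2. {noop} prefix: plain-text comparison, equivalent to the
        //    NoOpPasswordEncoder bean; the secret is still stored unhashed.
        System.out.println("noop:   " + check(encoder, raw, "{noop}123456"));

        // 3. Value produced by encode(): hashed and prefixed with the
        //    id of the default encoder, so matches() can dispatch on it.
        String hashed = encoder.encode(raw);
        System.out.println("prefix: " + hashed.substring(0, hashed.indexOf('}') + 1));
        System.out.println("hashed: " + check(encoder, raw, hashed));

        // 4. A wrong password against the hashed value is rejected, not an error.
        System.out.println("wrong:  " + check(encoder, "wrong-password", hashed));
    }
}
```

The same prefix rule applies to the client secret and the user password registered in the authorization server configuration, so storing values produced by `encode()` there resolves the error without keeping secrets in plain text.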