CODEWITHSUNDEEP
spring-security-oauth2
JSH
JSH

Reputation: 141

Spring Oauth2 Authorization Server

I setting the Spring Configuration Below:

@EnableAuthorizationServer
@EnableWebSecurity
@Configuration
public class Oauth2Provider extends WebSecurityConfigurerAdapter implements
        AuthorizationServerConfigurer {

    /*
     * @Autowired private TokenStore tokenStore;
     */

    @Configuration
    protected static class AuthenticationConfiguration extends
            GlobalAuthenticationConfigurerAdapter {

        @Override
        public void init(AuthenticationManagerBuilder auth) throws Exception {
            auth.inMemoryAuthentication().withUser("user").password("password")
                    .roles("USER").and().withUser("admin").password("password")
                    .roles("USER", "ADMIN");
        }

    }

    @Override
    public void configure(AuthorizationServerSecurityConfigurer security)
            throws Exception {
        // TODO Auto-generated method stub
        security.allowFormAuthenticationForClients();

    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients)
            throws Exception {

        // TODO Auto-generated method stub
        clients.inMemory()
                .withClient("my-trusted-client")
                .authorizedGrantTypes("password", "authorization_code", "refresh_token", "implicit")
                .authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT", "ROLE_ANONYMOUS")
                .scopes("read", "write", "trust")
                .secret("secret")
                .accessTokenValiditySeconds(60);
    }

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints)
            throws Exception {
        // TODO Auto-generated method stub

    }

}

And Maven Setting is Below:

<dependency>
    <groupId>org.springframework.security.oauth</groupId>
    <artifactId>spring-security-oauth2</artifactId>
    <version>2.0.5.RELEASE</version>
</dependency>

I Access : http://localhost:8080/oauth/token Payload grant_type=password&password=password&username=user&scope=read&client_id=my-trusted-client&client_secret=secret

But I receive error below:

{
error: "unsupported_grant_type"
error_description: "Unsupported grant type: password"
}

Upvotes: 12

Views: 11227

Answers (1)

Dave Syer
Dave Syer

Reputation: 58094

To use password grant you need to provide an authentication manager to the authorization server (in the empty method with the TODO in your example), so it can authenticate users. If it's a Spring Boot application there is always an AuthenticationManager available to be @Autowired.

Upvotes: 25

Related Questions