CODEWITHSUNDEEP
spring-bootspring-securityoauth-2.0
varun
varun

Reputation: 492

Getting an error 401 while accessing http://localhost:8181/oauth/token

I am creating an application using spring security and oauthv2 using spring boot and i have created my authorization server which works fine when i access the resource 'http://localhost:8181/oauth/token' from postman but when i access the same resource from my angular application it gives me 401 every time. I am not getting that i am getting 401 every time from angular.

Authorization Server

@Configuration
@EnableAuthorizationServer
@EnableGlobalMethodSecurity(prePostEnabled = true)
@Import(ServerSecurityConfig.class)  
public class AuthServerOAuth2Config extends AuthorizationServerConfigurerAdapter {

@Autowired
private AuthenticationManager authenticationManager;

@Autowired
private UserDetailsService userDetailsService;

private final AppConfig appConfig;

@Autowired
public AuthServerOAuth2Config( AppConfig appConfig) {
    this.appConfig = appConfig;
}

@Bean
public TokenStore tokenStore() {
    return new JdbcTokenStore(appConfig.dataSource());
}

@Bean
public OAuth2AccessDeniedHandler oauthAccessDeniedHandler() {
    return new OAuth2AccessDeniedHandler();
}

@Override
public void configure(AuthorizationServerSecurityConfigurer oauthServer) {
    oauthServer.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
}

@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
    clients.jdbc(appConfig.dataSource());
}

@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
    endpoints.tokenStore(tokenStore()).authenticationManager(authenticationManager).userDetailsService(userDetailsService);
}
}

CorsFilter

@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class CorsFilter implements Filter {

@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
    final HttpServletResponse response = (HttpServletResponse) res;
    final HttpServletRequest request = (HttpServletRequest) req;
    response.addHeader("Access-Control-Allow-Origin", "*");
    if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
        response.setHeader("Access-Control-Allow-Methods", "POST,GET,DELETE");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Headers", "content-type,access-control-request-headers,access-control-request-method,accept,origin,authorization,x-requested-with");
        response.setStatus(HttpServletResponse.SC_OK);
    } else {
        chain.doFilter(req, res);
    }

}

@Override
public void destroy() {
}

@Override
public void init(FilterConfig config) throws ServletException {
}
}

Angular Code

signin(user: User){
let params = new URLSearchParams();
params.append('username',user.username);
params.append('password',user.password);    
params.append('grant_type','password');
params.append('client_id','web');
let headers = new Headers({'Content-type': 'application/x-www-form-urlencoded; charset=utf-8',
   'Authorization': 'Basic '+btoa("fooClientIdPassword:secret")});
let options = new RequestOptions({ headers: headers });

return this._http.post('http://192.168.0.14:8181/oauth/token', params.toString(), options);

}

Upvotes: 1

Views: 553

Answers (1)

Priyanthan Thuraisingam
Priyanthan Thuraisingam

Reputation: 21

Have you provide implementation for WebMvcConfigurer. please create this configuration class & try.

@Configuration
public class WebMvcConfig implements WebMvcConfigurer {

@Override
public void addCorsMappings(CorsRegistry registry) {
    registry.addMapping("/**").allowedMethods("HEAD", "GET", "PUT", "POST", "DELETE", "PATCH");
}

}

Upvotes: 0

Related Questions