안교준

Reputation: 53

Spring boot oauth: unsupported grant type

Please help me... unsupported grant type is driving me crazy. My Spring Boot settings look like this.

    @Configuration
    @EnableAuthorizationServer
    public class AuthServerConfig extends AuthorizationServerConfigurerAdapter{

        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
            // TODO Auto-generated method stub
            super.configure(endpoints);
        }

        @Override
        public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
            // TODO Auto-generated method stub
            security
            /*.tokenKeyAccess("permitAll()")*/
              .checkTokenAccess("isAuthenticated()");
        }

        @Bean
        public TokenStore tokenStore() {
            return new JwtTokenStore(jwtAccessTokenConverter());
        }

        @Bean
        public JwtAccessTokenConverter jwtAccessTokenConverter() {
            return new JwtAccessTokenConverter();
        }

        @Override
        public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
            // TODO Auto-generated method stub
            clients.inMemory()
            .withClient("foo")
            .secret("{noop}bar")
            .authorizedGrantTypes("password", "authorization_code", "refresh_token", "client_credentials")
            .authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT")
            .scopes("read", "write", "trust", "openid")
            .accessTokenValiditySeconds(120)   // Access token is only valid for 2 minutes.
            .refreshTokenValiditySeconds(600); // Refresh token is only valid for 10 minutes.
        }

    }

And this is the result of the Postman test, which always returns unsupported grant type 'password'.


Upvotes: 4

Views: 7815

Answers (2)

Ghasem Sadeghi

Reputation: 1854

If you are using grant_type="password", you have to:

Create the bean below in your own WebSecurityConfigurerAdapter class:

    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

Inject it into the AuthorizationServerConfigurerAdapter class:

    @Autowired
    private AuthenticationManager authenticationManager;

Use it in the configure(AuthorizationServerEndpointsConfigurer endpoints) method:

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
        endpoints.authenticationManager(authenticationManager);
    }

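Complete example:

    // WebSecurityConfig.java
    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.authentication.AuthenticationManager;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
    import org.springframework.security.core.userdetails.User;
    import org.springframework.security.core.userdetails.UserDetailsService;
    import org.springframework.security.provisioning.InMemoryUserDetailsManager;

    @Configuration
    public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

        // Expose the AuthenticationManager as a bean so the authorization server can use it.
        @Override
        @Bean
        public AuthenticationManager authenticationManagerBean() throws Exception {
            return super.authenticationManagerBean();
        }

        // In-memory test user for the password grant.
        @Bean
        @Override
        protected UserDetailsService userDetailsService() {
            InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
            manager.createUser(User.withUsername("a").password("123456").authorities("USER").build());
            return manager;
        }
    }

    // AuthorizationServerConfig.java
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.authentication.AuthenticationManager;
    import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
    import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
    import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
    import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
    import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;

    @Configuration
    @EnableAuthorizationServer
    public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

        private AuthenticationManager authenticationManager;

        @Autowired
        public AuthorizationServerConfig(AuthenticationManager authenticationManager) {
            this.authenticationManager = authenticationManager;
        }

        // Setting the AuthenticationManager enables the password grant.
        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
            endpoints.authenticationManager(authenticationManager);
        }

        @Override
        public void configure(AuthorizationServerSecurityConfigurer security) {
            security.tokenKeyAccess("permitAll()")
                    .checkTokenAccess("isAuthenticated()")
                    // Lets clients send client_id/client_secret as form parameters.
                    .allowFormAuthenticationForClients();
        }

        @Override
        public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
            clients.inMemory()
                    .withClient("CLIENT_ID").secret("CLIENT_SECRET")
                    .authorizedGrantTypes("password", "refresh_token")
                    .authorities("CLIENT")
                    .scopes("read");
        }
    }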

Test:

    curl -i -X POST -d "username=a&password=123456&grant_type=password&client_id=CLIENT_ID&client_secret=CLIENT_SECRET" http://localhost:8080/oauth/token

Upvotes: 19

Udara S.S Liyanage

Reputation: 6453

Assuming the input user is valid, could you please try sending client id and client secret params in addition to username, password and grant type?

    curl http://{host}:{port}/oauth/token -d grant_type=password -d username=user -d password=password -d client_id=client -d client_secret=secret

Upvotes: -1
