NoSuchClientException，没有请求 id 的客户端

Question

当我尝试访问 /oauth/token 时出现错误：

o.s.s.o.provider.endpoint.TokenEndpoint：处理错误：NoSuchClientException，没有请求 id 的客户端：用户名

我在接下来的步骤中得到了它：

1. 我尝试发出请求 oauth/authorize 并获取带有输入凭据的弹出窗口。
2. 输入它并得到错误“不支持的响应类型”
3. 然后我尝试通过 oauth/token 制作请求获取令牌

curl -u clientsecret:12345 -X POST http://localhost:8080/oauth/token -H "Accept:application/json" -d "username=user&password=password&grant_type=password"

然后出现 NoSuchClientException 错误。为什么将用户名设置为clientId？ 这是我的代码：

@Configuration
public class OAuth2ServerConfig {

@Configuration
@EnableResourceServer
protected static class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {

    @Inject
    private Http401UnauthorizedEntryPoint authenticationEntryPoint;

    @Inject
    private AjaxLogoutSuccessHandler ajaxLogoutSuccessHandler;

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
                .exceptionHandling()
                .authenticationEntryPoint(authenticationEntryPoint)
                .and()
                .logout()
                .logoutUrl("/logout")
                .logoutSuccessHandler(ajaxLogoutSuccessHandler)
                .and()
                .csrf()
                .requireCsrfProtectionMatcher(new AntPathRequestMatcher("oauth/token"))
                .disable()
                .headers()
                .frameOptions().disable()
                .and()
                .sessionManagement()
                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                .and()
                .authorizeRequests()
                .antMatchers("/admin").hasAnyAuthority("ADMIN");
    }
}

@Configuration
@EnableAuthorizationServer
protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {

    private static final String CLIENTID = "app";
    private static final String PROP_SECRET = "secret";
    private static final Integer TOKEN_VALIDITY_SECONDS = -1;
    @Inject
    private UserDetailsService userDetailsService;
    @Inject
    private OAuth2AccessTokenRepository oAuth2AccessTokenRepository;

    @Inject
    private OAuth2RefreshTokenRepository oAuth2RefreshTokenRepository;

    @Bean
    public TokenStore tokenStore() {
        return new MongoDBTokenStore(oAuth2AccessTokenRepository, oAuth2RefreshTokenRepository);
    }

    @Inject
    @Qualifier("authenticationManagerBean")
    private AuthenticationManager authenticationManager;

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints)
            throws Exception {

        endpoints
                .tokenStore(tokenStore())
                .authenticationManager(authenticationManager).userDetailsService(userDetailsService);
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients
                .inMemory()
                .withClient(CLIENTID)
                .authorizedGrantTypes("authorization_code","refresh_token","password")
                .authorities("USER", "ADMIN")
                .secret(PROP_SECRET)
                .accessTokenValiditySeconds(TOKEN_VALIDITY_SECONDS);
    }
}
}

Answer 1

像这样创建请求

curl app:secret@localhost:8080/oauth/token  -d grant_type=password -d client_id=app  -d username=user -d password=password