please help me... unsupported grant type makes me crazy..
my spring boot settings look like this.
@Configuration
@EnableAuthorizationServer
public class AuthServerConfig extends AuthorizationServerConfigurerAdapter{
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
// TODO Auto-generated method stub
super.configure(endpoints);
}
@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
// TODO Auto-generated method stub
security
/*.tokenKeyAccess("permitAll()")*/
.checkTokenAccess("isAuthenticated()");
}
@Bean
public TokenStore tokenStore() {
return new JwtTokenStore(jwtAccessTokenConverter());
}
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
return new JwtAccessTokenConverter();
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
// TODO Auto-generated method stub
clients.inMemory()
.withClient("foo")
.secret("{noop}bar")
.authorizedGrantTypes("password", "authorization_code", "refresh_token","client_credentials")
.authorities("ROLE_CLIENT","ROLE_TRUSTED_CLIENT")
.scopes("read", "write","trust","openid")
.accessTokenValiditySeconds(120).//Access token is only valid for 2 minutes.
refreshTokenValiditySeconds(600);//Refresh token is only valid for 10 minutes.
}
}
and this is result of postman test that always return unsupported grant type 'password'
enter image description here
enter image description here
if you are using grant_type="password", you have to :
create below bean in your own WebSecurityConfigurerAdapter class
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
inject it to AuthorizationServerConfigurerAdapter class
@Autowired
private AuthenticationManager authenticationManager;
use it in configure(AuthorizationServerEndpointsConfigurer endpoints) method
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
endpoints.authenticationManager(authenticationManager);
}
Complete Example :
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Bean
@Override
protected UserDetailsService userDetailsService(){
InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
manager.createUser(User.withUsername("a").password("123456").authorities("USER").build());
return manager;
}
}
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
private AuthenticationManager authenticationManager;
@Autowired
public AuthorizationServerConfig(AuthenticationManager authenticationManager) {
this.authenticationManager = authenticationManager;
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
endpoints.authenticationManager(authenticationManager);
}
@Override
public void configure(AuthorizationServerSecurityConfigurer security) {
security.tokenKeyAccess("permitAll()")
.checkTokenAccess("isAuthenticated()")
.allowFormAuthenticationForClients();
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.inMemory()
.withClient("CLIEN_ID").secret("CLIENT_SECRET")
.authorizedGrantTypes("password", "refresh_token")
.authorities("CLIENT")
.scopes("read");
}
}
Test :
curl -i -X POST -d "username=a&password=123456&grant_type=password&client_id=CLIENT_ID&client_secret=CLIENT_SECRET" http://localhost:8080/oauth/token
Assuming the input user is valid, could you please try sending client id and client secret params in addition to username, password and grant type.
curl http://{host}:{port}/oauth/token -d grant_type=password -d username=user -d password=password -d client_id=client -d client_secret=secret
