Я создал проект OAuth2 SpringBoot ( v 2.2.6.RELEASE ). Я хочу аутентифицировать пользователя из SPA (приложение Angular 8), используя поток предоставления пароля. Ниже приведен код AuthorizationServer:
@Configuration
@EnableWebSecurity
public class AuthorizationServerConfig extends WebSecurityConfigurerAdapter implements AuthorizationServerConfigurer {
@Autowired
private DataSource dataSource;
@Autowired
private AuthenticationManager authenticationManager;
@Bean
public TokenStore getJdbcTokenStore(){
return new JdbcTokenStore(this.dataSource);
}
@Autowired
private PasswordEncoder passwordEncoder;
@Bean
public PasswordEncoder getPasswordEncoderBean(){
return NoOpPasswordEncoder.getInstance();
}
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
security.checkTokenAccess("isAuthenticated()").tokenKeyAccess("permitAll()");
}
@Override
public void configure(ClientDetailsServiceConfigurer client) throws Exception {
client.jdbc(dataSource).passwordEncoder(passwordEncoder);
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoint) throws Exception {
endpoint.tokenStore(this.getJdbcTokenStore());
endpoint.authenticationManager(authenticationManager);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.antMatcher("/**")
.authorizeRequests()
.antMatchers("/oauth/token").permitAll()
.anyRequest().authenticated()
.and()
.httpBasic();
http.cors();
}
}
Когда я вызываю конечную точку 'http://localhost: 8080 / oauth / token ' с Почтальоном, все работает нормально, и я получить ответ ниже:
{
"access_token": "fa66b6af-90d1-490b-9ea3-ffcfbe8042c0",
"token_type": "bearer",
"refresh_token": "44303904-b21c-42fc-aa56-fa264563909b",
"expires_in": 3276,
"scope": "READ WRITE"
}
, но когда я вызываю ту же самую конечную точку с помощью приложения Angular, я получаю ошибочный ответ. В журналах Spring Server распечатывается следующая ошибка:
2020-04-15 19:38:48,890 TRACE [http-nio-8080-exec-3] org.springframework.web.filter.RequestContextFilter: Bound request context to thread: org.apache.catalina.connector.RequestFacade@3a67bc68
2020-04-15 19:38:48,892 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.OrRequestMatcher: Trying to match using Ant [pattern='/oauth/token']
2020-04-15 19:38:48,893 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.AntPathRequestMatcher: Checking match of request : '/oauth/token'; against '/oauth/token'
2020-04-15 19:38:48,893 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.OrRequestMatcher: matched
2020-04-15 19:38:48,894 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /oauth/token at position 1 of 11 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2020-04-15 19:38:48,894 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /oauth/token at position 2 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2020-04-15 19:38:48,894 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /oauth/token at position 3 of 11 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2020-04-15 19:38:48,894 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /oauth/token at position 4 of 11 in additional filter chain; firing Filter: 'LogoutFilter'
2020-04-15 19:38:48,894 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.OrRequestMatcher: Trying to match using Ant [pattern='/logout', GET]
2020-04-15 19:38:48,895 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.AntPathRequestMatcher: Request 'OPTIONS /oauth/token' doesn't match 'GET /logout'
2020-04-15 19:38:48,895 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.OrRequestMatcher: Trying to match using Ant [pattern='/logout', POST]
2020-04-15 19:38:48,895 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.AntPathRequestMatcher: Request 'OPTIONS /oauth/token' doesn't match 'POST /logout'
2020-04-15 19:38:48,895 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.OrRequestMatcher: Trying to match using Ant [pattern='/logout', PUT]
2020-04-15 19:38:48,895 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.AntPathRequestMatcher: Request 'OPTIONS /oauth/token' doesn't match 'PUT /logout'
2020-04-15 19:38:48,896 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.OrRequestMatcher: Trying to match using Ant [pattern='/logout', DELETE]
2020-04-15 19:38:48,896 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.AntPathRequestMatcher: Request 'OPTIONS /oauth/token' doesn't match 'DELETE /logout'
2020-04-15 19:38:48,896 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.OrRequestMatcher: No matches found
2020-04-15 19:38:48,896 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /oauth/token at position 5 of 11 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
2020-04-15 19:38:48,897 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /oauth/token at position 6 of 11 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2020-04-15 19:38:48,897 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.savedrequest.HttpSessionRequestCache: saved request doesn't match
2020-04-15 19:38:48,898 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /oauth/token at position 7 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2020-04-15 19:38:48,898 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /oauth/token at position 8 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2020-04-15 19:38:48,898 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.authentication.AnonymousAuthenticationFilter: Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@911ffd56: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
2020-04-15 19:38:48,899 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /oauth/token at position 9 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter'
2020-04-15 19:38:48,899 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /oauth/token at position 10 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2020-04-15 19:38:48,899 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /oauth/token at position 11 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2020-04-15 19:38:48,899 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.AntPathRequestMatcher: Checking match of request : '/oauth/token'; against '/oauth/token'
2020-04-15 19:38:48,900 DEBUG [http-nio-8080-exec-3] org.springframework.security.access.intercept.AbstractSecurityInterceptor: Secure object: FilterInvocation: URL: /oauth/token; Attributes: [fullyAuthenticated]
2020-04-15 19:38:48,900 DEBUG [http-nio-8080-exec-3] org.springframework.security.access.intercept.AbstractSecurityInterceptor: Previously Authenticated: org.springframework.security.authentication.AnonymousAuthenticationToken@911ffd56: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS
2020-04-15 19:38:48,901 DEBUG [http-nio-8080-exec-3] org.springframework.security.access.vote.AffirmativeBased: Voter: org.springframework.security.web.access.expression.WebExpressionVoter@3fd77ce9, returned: -1
2020-04-15 19:38:48,901 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.access.ExceptionTranslationFilter: Access is denied (user is anonymous); redirecting to authentication entry point
org.springframework.security.access.AccessDeniedException: Access is denied
at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:84)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:233)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:123)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:155)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92)
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)
atorg.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:109)
2020-04-15 19:38:48,904 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.AndRequestMatcher: Trying to match using Ant [pattern='/**', GET]
2020-04-15 19:38:48,910 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.AntPathRequestMatcher: Request 'OPTIONS /oauth/token' doesn't match 'GET /**'
2020-04-15 19:38:48,910 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.AndRequestMatcher: Did not match
2020-04-15 19:38:48,910 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.savedrequest.HttpSessionRequestCache: Request not saved as configured RequestMatcher did not match
2020-04-15 19:38:48,911 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.access.ExceptionTranslationFilter: Calling Authentication entry point.
2020-04-15 19:38:48,912 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint: Trying to match using MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@51806858, matchingMediaTypes=[*/*], useEquals=true, ignoredMediaTypes=[]]]]
2020-04-15 19:38:48,920 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.OrRequestMatcher: Trying to match using RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest]
2020-04-15 19:38:48,921 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.OrRequestMatcher: Trying to match using AndRequestMatcher [requestMatchers=[NegatedRequestMatcher [requestMatcher=MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@51806858, matchingMediaTypes=[text/html], useEquals=false, ignoredMediaTypes=[]]], MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@51806858, matchingMediaTypes=[application/atom+xml, application/x-www-form-urlencoded, application/json, application/octet-stream, application/xml, multipart/form-data, text/xml], useEquals=false, ignoredMediaTypes=[*/*]]]]
2020-04-15 19:38:48,922 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.AndRequestMatcher: Trying to match using NegatedRequestMatcher [requestMatcher=MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@51806858, matchingMediaTypes=[text/html], useEquals=false, ignoredMediaTypes=[]]]
2020-04-15 19:38:48,922 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.MediaTypeRequestMatcher: httpRequestMediaTypes=[*/*]
2020-04-15 19:38:48,922 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.MediaTypeRequestMatcher: Processing */*
2020-04-15 19:38:48,923 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.MediaTypeRequestMatcher: text/html .isCompatibleWith */* = true
2020-04-15 19:38:48,924 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.NegatedRequestMatcher: matches = false
2020-04-15 19:38:48,924 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.AndRequestMatcher: Did not match
2020-04-15 19:38:48,925 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.OrRequestMatcher: Trying to match using MediaTypeRequestMatcher [contentNegotiationStrategy=org.springframework.web.accept.ContentNegotiationManager@51806858, matchingMediaTypes=[*/*], useEquals=true, ignoredMediaTypes=[]]
2020-04-15 19:38:48,925 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.MediaTypeRequestMatcher: httpRequestMediaTypes=[*/*]
2020-04-15 19:38:48,926 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.MediaTypeRequestMatcher: Processing */*
2020-04-15 19:38:48,926 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.MediaTypeRequestMatcher: isEqualTo true
2020-04-15 19:38:48,927 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.OrRequestMatcher: matched
2020-04-15 19:38:48,927 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint: Match found! Executing org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint@27de9336
2020-04-15 19:38:48,928 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint: Trying to match using RequestHeaderRequestMatcher [expectedHeaderName=X-Requested-With, expectedHeaderValue=XMLHttpRequest]
2020-04-15 19:38:48,929 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint: No match found. Using default entry point org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint@6aa0bb89
2020-04-15 19:38:48,930 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.header.writers.HstsHeaderWriter: Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@2cb0b2cf
2020-04-15 19:38:48,931 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.context.SecurityContextPersistenceFilter: SecurityContextHolder now cleared, as request processing completed
2020-04-15 19:38:48,931 TRACE [http-nio-8080-exec-3] org.springframework.web.filter.RequestContextFilter: Cleared thread-bound request context: org.apache.catalina.connector.RequestFacade@3a67bc68
2020-04-15 19:38:48,933 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.OrRequestMatcher: Trying to match using Ant [pattern='/oauth/token']
2020-04-15 19:38:48,933 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.AntPathRequestMatcher: Checking match of request : '/error'; against '/oauth/token'
2020-04-15 19:38:48,933 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.OrRequestMatcher: Trying to match using Ant [pattern='/oauth/token_key']
2020-04-15 19:38:48,934 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.AntPathRequestMatcher: Checking match of request : '/error'; against '/oauth/token_key'
2020-04-15 19:38:48,934 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.OrRequestMatcher: Trying to match using Ant [pattern='/oauth/check_token']
2020-04-15 19:38:48,934 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.AntPathRequestMatcher: Checking match of request : '/error'; against '/oauth/check_token'
2020-04-15 19:38:48,934 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.OrRequestMatcher: No matches found
2020-04-15 19:38:48,935 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /error at position 1 of 11 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
2020-04-15 19:38:48,935 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /error at position 2 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2020-04-15 19:38:48,935 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /error at position 3 of 11 in additional filter chain; firing Filter: 'HeaderWriterFilter'
2020-04-15 19:38:48,935 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /error at position 4 of 11 in additional filter chain; firing Filter: 'LogoutFilter'
2020-04-15 19:38:48,936 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.OrRequestMatcher: Trying to match using Ant [pattern='/logout', GET]
2020-04-15 19:38:48,936 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.AntPathRequestMatcher: Request 'OPTIONS /error' doesn't match 'GET /logout'
2020-04-15 19:38:48,936 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.OrRequestMatcher: Trying to match using Ant [pattern='/logout', POST]
2020-04-15 19:38:48,936 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.AntPathRequestMatcher: Request 'OPTIONS /error' doesn't match 'POST /logout'
2020-04-15 19:38:48,936 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.OrRequestMatcher: Trying to match using Ant [pattern='/logout', PUT]
2020-04-15 19:38:48,937 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.AntPathRequestMatcher: Request 'OPTIONS /error' doesn't match 'PUT /logout'
2020-04-15 19:38:48,938 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.OrRequestMatcher: Trying to match using Ant [pattern='/logout', DELETE]
2020-04-15 19:38:48,938 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.AntPathRequestMatcher: Request 'OPTIONS /error' doesn't match 'DELETE /logout'
2020-04-15 19:38:48,939 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.util.matcher.OrRequestMatcher: No matches found
2020-04-15 19:38:48,939 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /error at position 5 of 11 in additional filter chain; firing Filter: 'OAuth2AuthenticationProcessingFilter'
2020-04-15 19:38:48,939 DEBUG [http-nio-8080-exec-3] org.springframework.security.oauth2.provider.authentication.BearerTokenExtractor: Token not found in headers. Trying request parameters.
2020-04-15 19:38:48,939 DEBUG [http-nio-8080-exec-3] org.springframework.security.oauth2.provider.authentication.BearerTokenExtractor: Token not found in request parameters. Not an OAuth2 request.
2020-04-15 19:38:48,940 DEBUG [http-nio-8080-exec-3] org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter: No token in request, will continue chain.
2020-04-15 19:38:48,940 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /error at position 6 of 11 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2020-04-15 19:38:48,940 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /error at position 7 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2020-04-15 19:38:48,940 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /error at position 8 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2020-04-15 19:38:48,940 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.authentication.AnonymousAuthenticationFilter: Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@71819f4f: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
2020-04-15 19:38:48,941 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /error at position 9 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter'
2020-04-15 19:38:48,941 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /error at position 10 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2020-04-15 19:38:48,941 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /error at position 11 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2020-04-15 19:38:48,941 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.FilterChainProxy$VirtualFilterChain: /error reached end of additional filter chain; proceeding with original chain
2020-04-15 19:38:48,942 TRACE [http-nio-8080-exec-3] org.springframework.core.log.LogFormatUtils: "ERROR" dispatch for OPTIONS "/error", parameters={}, headers={masked} in DispatcherServlet 'dispatcherServlet'
2020-04-15 19:38:48,943 TRACE [http-nio-8080-exec-3] org.springframework.web.servlet.handler.AbstractHandlerMethodMapping: 2 matching mappings: [{ /error}, { /error}]
2020-04-15 19:38:48,944 TRACE [http-nio-8080-exec-3] org.springframework.web.servlet.handler.AbstractHandlerMapping: Mapped to org.springframework.web.servlet.handler.AbstractHandlerMethodMapping$EmptyHandler#handle()
2020-04-15 19:38:48,944 DEBUG [http-nio-8080-exec-3] org.springframework.orm.jpa.support.OpenEntityManagerInViewInterceptor: Opening JPA EntityManager in OpenEntityManagerInViewInterceptor
2020-04-15 19:38:48,944 TRACE [http-nio-8080-exec-3] org.springframework.transaction.support.TransactionSynchronizationManager: Bound value [org.springframework.orm.jpa.EntityManagerHolder@69c9424] for key [org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean@16e3d6d0] to thread [http-nio-8080-exec-3]
2020-04-15 19:38:48,945 TRACE [http-nio-8080-exec-3] org.springframework.web.servlet.DispatcherServlet: No view rendering, null ModelAndView returned.
2020-04-15 19:38:48,946 TRACE [http-nio-8080-exec-3] org.springframework.transaction.support.TransactionSynchronizationManager: Removed value [org.springframework.orm.jpa.EntityManagerHolder@69c9424] for key [org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean@16e3d6d0] from thread [http-nio-8080-exec-3]
2020-04-15 19:38:48,947 DEBUG [http-nio-8080-exec-3] org.springframework.orm.jpa.support.OpenEntityManagerInViewInterceptor: Closing JPA EntityManager in OpenEntityManagerInViewInterceptor
2020-04-15 19:38:48,947 DEBUG [http-nio-8080-exec-3] org.springframework.web.servlet.FrameworkServlet: Exiting from "ERROR" dispatch, status 401, headers={masked}
2020-04-15 19:38:48,948 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.access.ExceptionTranslationFilter: Chain processed normally
2020-04-15 19:38:48,949 DEBUG [http-nio-8080-exec-3] org.springframework.security.web.context.SecurityContextPersistenceFilter: SecurityContextHolder now cleared, as request processing completed
Ниже приведен скриншот запроса, отправляемого на сервер с chrome:
Это код angular, который вызывает бэкэнд-сервис:
let headers = new HttpHeaders({
"Accept" : "application/x-www-form-urlencoded"
});
this.options = { headers: headers };
let authData : FormData = new FormData();
authData.set('grant_type', 'password');
authData.set('username', auth.userId);
authData.set('password', auth.password);
return this.httpClient.post<UserModel>('http://localhost:8080/oauth/token', authData,this.options);
Если кто-нибудь может направить меня в правильном направлении, было бы здорово.