Я реализовал oAuth2 в java пружине. когда я посылаю запрос от почтальона с базовым c auth, я получаю токен в ответ. Но когда я отправляю его с angular, возвращается 401.
, пожалуйста, проверьте прикрепленный код и изображения.
package com.spring.rest.spring_rest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter{
@Autowired
private AuthenticationManager authenticationManager;
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
// super.configure(endpoints);
endpoints.authenticationManager(authenticationManager);
}
@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
// super.configure(security);
security.checkTokenAccess("isAuthenticated()");
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
// super.configure(clients);
clients.inMemory().withClient("my-trusted-client")
.authorizedGrantTypes("client_credentials","password")
.authorities("ROLE_CLIENT","ROLE_TRUSTED_CLIENT")
.scopes("read","write","trust")
.resourceIds("oauth2-resource")
.accessTokenValiditySeconds(5000)
.secret("secret");
}
}
Angular Код: DataService.ts
login(loginPayload) {
const headers = {
'Authorization': 'Basic ' + btoa('my-trusted-client:secret'),
'Content-type': 'application/json'
}
return this._http.post('http://localhost:8080/' + 'oauth/token', loginPayload, {headers});
}
Login.ts
const body = new HttpParams()
.set('username', this.f.username.value)
.set('password', this.f.password.value)
.set('grant_type', 'password');
this.dataService.login(body.toString()).subscribe(data => {
window.sessionStorage.setItem('token', JSON.stringify(data));
console.log(window.sessionStorage.getItem('token'));
this.router.navigate(['user-profile']);
}, error => {
alert(error.error.error_description)
});