OAuth2身份验证服务的集成测试？

Question

So I'm trying to learn how to use Spring Boot services, decided the place to start was an OAuth2 authentication service. Of course, I want some integration tests to make sure my auth is running properly. My problem is, I can get a token using curl just fine, however when I try to grab one through I get a 400 error and the following JSON

{"error":"invalid_request","error_description":"Missing grant type"}

The curl command I'm using is

curl -v my-trusted-client:@localhost:9999/oauth/token -d grant_type=password -d username=user -d password=password

Integration test code is

@RunWith(SpringJUnit4ClassRunner.class)
@SpringApplicationConfiguration(classes = AuthApplication.class)
@WebIntegrationTest
public class AuthServiceIntegrationTest {
    @Value("${server.port}")
    private int port;

    @Value("${security.user.name}")
    private String username;

    @Value("${security.user.password}")
    private String password;

    private RestTemplate template = new TestRestTemplate("my-trusted-client","");

    @Test
    public void testTokenGet() throws Exception{
        String url = "http://localhost:"+port+"/oauth/token";
        Map<String, String> data = new HashMap<>();
        data.put("grant_type", "password");
        data.put("username", username);
        data.put("password", password);
        ResponseEntity<String> token = template.postForEntity(url, data, String.class);
        assertEquals(HttpStatus.OK, token.getStatusCode());
    }
}

And the config is

@Configuration
@EnableAuthorizationServer
public class OAuthConfiguration extends AuthorizationServerConfigurerAdapter {

     @Autowired
     private AuthenticationManager authenticationManager;

     @Override
     public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
         endpoints.authenticationManager(authenticationManager);
     }

     @Override
     public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
         clients.inMemory()
                .withClient("my-trusted-client")
                    .authorizedGrantTypes("password", "authorization_code", "refresh_token", "implicit")
                    .authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT")
                    .scopes("read", "write", "trust")
                    .resourceIds("oauth2-resource")
                    .accessTokenValiditySeconds(60)
                .and()
                    .withClient("my-client-with-registered-redirect")
                    .authorizedGrantTypes("authorization_code")
                    .authorities("ROLE_CLIENT")
                    .scopes("read", "trust")
                    .resourceIds("oauth2-resource")
                    .redirectUris("http://anywhere?key=value")
                .and()
                    .withClient("my-client-with-secret")
                    .authorizedGrantTypes("client_credentials", "password")
                    .authorities("ROLE_CLIENT")
                    .scopes("read")
                    .resourceIds("oauth2-resource")
                    .secret("secret");
    }
}

Pretty much copied and pasted from https://github.com/dsyer/spring-oauth2-integration-tests/blob/master/vanilla/src/main/java/demo/Application.java

Any insights into what I'm doing wrong?

Answer 1

我认为您需要一个MultiValueMap （而不是常规Map ）来说服其余模板在请求正文中发送表单编码的数据。