i'm using spring authorization server, but i cannot get token. This is my code and example. pls help me know correct request
@Bean
public RegisteredClientRepository registeredClientRepository() {
RegisteredClient registeredClient = RegisteredClient.withId(UUID.randomUUID().toString())
.clientId("client")
.clientSecret("secret")
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_JWT)
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_POST)
.clientAuthenticationMethod(ClientAuthenticationMethod.PRIVATE_KEY_JWT)
.authorizationGrantType(AuthorizationGrantType.PASSWORD)
.authorizationGrantType(AuthorizationGrantType.REFRESH_TOKEN)
.authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
.authorizationGrantType(AuthorizationGrantType.JWT_BEARER)
.clientSettings(clientSettings -> clientSettings.requireUserConsent(true))
.build();
return new InMemoryRegisteredClientRepository(registeredClient);
}
This is my request with basic auth client/secret
curl --location --request POST 'http://localhost:9000/oauth2/token'
--header 'Authorization: Basic Y2xpZW50OnNlY3JldA=='
--header 'Content-Type: application/x-www-form-urlencoded'
--header 'Cookie: JSESSIONID=557C0348994EFC10DB8E7F06C2FDFF21'
--data-urlencode 'grant_type=client_credentials'
response 401:
{ "error": "invalid_client" }
You can try upgrading spring-security-oauth2-authorization-server
to newer version 0.2.0
I ran into the same problem with client_secret_post
, but then upgrading the version works for me.
What is the groupId of the artifact you are using? 0.1.2
appears to be the latest version of the groupId = org.springframework.security.experimental
If you change your groupId to org.springframework.security
you'll see version 0.2.2
and higher
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.