1. 首页
  2. 问答
  3. 春季启动OAuth2和UserDetails

春季启动OAuth2和UserDetails

2016-08-16 265 views
0

我想在Spring Boot中为我的REST API实现一个Auth服务器,并且我努力将自己的用户存储库自动装入到配置中。有人可以建议如何正确地做到这一点?春季启动OAuth2和UserDetails

我有以下auth服务器的配置:

@Configuration 
@EnableAuthorizationServer 
public class OAuth2Config extends AuthorizationServerConfigurerAdapter { 

    @Autowired 
    @Qualifier("userDetailsService") 
    private UserDetailsService userDetailsService; 

    @Autowired 
    private AuthenticationManager authenticationManager; 

    @Value("${gigsterous.oauth.tokenTimeout:3600}") 
    private int expiration; 

    @Override 
    public void configure(AuthorizationServerEndpointsConfigurer configurer) throws Exception { 
     configurer.authenticationManager(authenticationManager); 
     configurer.userDetailsService(userDetailsService); 
     configurer.accessTokenConverter(accessTokenConverter()); 
    } 

    @Override 
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception { 
     clients.inMemory() 
      .withClient("gigsterous") 
      .secret("secret") 
      .accessTokenValiditySeconds(expiration) 
      .scopes("read", "write") 
      .authorizedGrantTypes("password", "refresh_token") 
      .resourceIds("resource"); 
    } 

    /** 
    * Use custom jwt token converter to enhance the token with custom fields 
    * 
    * @return CustomTokenConverter 
    */ 
    @Bean 
    public CustomTokenConverter accessTokenConverter() { 
     return new CustomTokenConverter(); 
    } 
}

用户服务:

@Service("userDetailsService") 
public class UserService implements UserDetailsService { 

    @Autowired 
    private UserRepository userRepository; 

    public List<User> getUsers() { 
     return userRepository.findAll(); 
    } 

    public User getUser(Long id) { 
     return userRepository.findById(id); 
    } 

    @Override 
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { 
     return (UserDetails) userRepository.findOneByUsername(username); 
    } 
}

用户:

@Entity 
@Table(name = "users") 
@Getter 
@Setter 
public class User { 

    @Id 
    @GeneratedValue(strategy = GenerationType.AUTO) 
    @Column(name = "user_id", nullable = false, updatable = false) 
    private Long id; 

    @Column(name = "email", nullable = false, unique = true) 
    private String email; 

    @Column(name = "username", nullable = false, unique = true) 
    private String username; 

    @Column(name = "password", nullable = false) 
    private String password; 

    protected User() { 
     // hibernate 
    } 

}

我使用的迁徙路线和当前存储我的用户在H2在内存数据库(这是工作正常,所以我省略了我的问题的这部分代码,以避免conf延髓)。

当我尝试使用此命令授权从我的数据库中的一些用户:

curl -X POST --user 'gigsterous:secret' -d 'grant_type=password&username=peter&password=password' http://localhost:9000/gigsterous-auth/oauth/token

我得到如下回应:

{"error":"unauthorized","error_description":"com.gigsterous.auth.domain.User cannot be cast to org.springframework.security.core.userdetails.UserDetails"}

显然,我不能隐蔽我的用户POJO为UserDetails对象,但由于它是一个匿名类,我无法弄清楚如何正确构建它。

来源

2016-08-16 Smajl

回答

0

我已经很久没有在春季工作过,我的记忆可能不好。但是,如果我没有错,你想用UserDetails作为你的用户,你必须实现它,UserDetails是一个接口。 :D 我建议更改您的班级的姓名,用户已存在于OAuth2资料库

来源

2016-08-16 08:24:42 Einsamer

相关问题

 相关问题