zoukankan      html  css  js  c++  java

  • Spring Security 5.x Invalid Authorization Grant Type (password) for Client Registration with Id: reader

    客户端授权模式配置

    authorizationGrantType: password

    默认的授权请求解析不支持password模式,只支持AUTHORIZATION_CODE和IMPLICIT;
    源码如下
    DefaultOAuth2AuthorizationRequestResolver

    private OAuth2AuthorizationRequest resolve(HttpServletRequest request, String registrationId, String redirectUriAction) {
        if (registrationId == null) {
            return null;
        } else {
            ClientRegistration clientRegistration = this.clientRegistrationRepository.findByRegistrationId(registrationId);
            if (clientRegistration == null) {
                throw new IllegalArgumentException("Invalid Client Registration with Id: " + registrationId);
            } else {
                Map<String, Object> attributes = new HashMap();
                attributes.put("registration_id", clientRegistration.getRegistrationId());
                Builder builder;
                if (AuthorizationGrantType.AUTHORIZATION_CODE.equals(clientRegistration.getAuthorizationGrantType())) {
                    builder = OAuth2AuthorizationRequest.authorizationCode();
                    Map<String, Object> additionalParameters = new HashMap();
                    if (!CollectionUtils.isEmpty(clientRegistration.getScopes()) && clientRegistration.getScopes().contains("openid")) {
                        this.addNonceParameters(attributes, additionalParameters);
                    }

                    if (ClientAuthenticationMethod.NONE.equals(clientRegistration.getClientAuthenticationMethod())) {
                        this.addPkceParameters(attributes, additionalParameters);
                    }

                    builder.additionalParameters(additionalParameters);
                } else {
                    if (!AuthorizationGrantType.IMPLICIT.equals(clientRegistration.getAuthorizationGrantType())) {
                        throw new IllegalArgumentException("Invalid Authorization Grant Type (" + clientRegistration.getAuthorizationGrantType().getValue() + ") for Client Registration with Id: " + clientRegistration.getRegistrationId());
                    }

                    builder = OAuth2AuthorizationRequest.implicit();
                }

                String redirectUriStr = expandRedirectUri(request, clientRegistration, redirectUriAction);
                OAuth2AuthorizationRequest authorizationRequest = builder.clientId(clientRegistration.getClientId()).authorizationUri(clientRegistration.getProviderDetails().getAuthorizationUri()).redirectUri(redirectUriStr).scopes(clientRegistration.getScopes()).state(this.stateGenerator.generateKey()).attributes(attributes).build();
                return authorizationRequest;
            }
        }
    }
  • 相关阅读:
    Jisa's Notebook
    前端常见跨域解决方案
    串口
    logging的使用
    Hexo
    优美的二维树状数组
    数据结构之树的基本概念
    js 监听ios手机键盘弹起和收起的事件
    jquery.qrcode.js生成二维码(前端生成二维码)
    js产生一个随机的字符串数字组合
  • 原文地址:https://www.cnblogs.com/jinit/p/14197121.html
Copyright © 2011-2022 走看看