I am using spring boot oauth, while doing authorization I am not able to validate my credentials even if I used inMemory.
My authorization server:
@Configuration
@EnableAuthorizationServer
@Import(ServerWebSecurityConfig.class)
public class OAuth2AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
@Autowired
private AuthenticationManager authenticationManager;
static final String CLIEN_ID = "ipro-client";
static final String CLIENT_SECRET = "ipro-secret";
static final String GRANT_TYPE = "password";
static final String AUTHORIZATION_CODE = "authorization_code";
static final String REFRESH_TOKEN = "refresh_token";
static final String IMPLICIT = "implicit";
static final String SCOPE_READ = "read";
static final String SCOPE_WRITE = "write";
static final String TRUST = "trust";
static final int ACCESS_TOKEN_VALIDITY_SECONDS = 1 * 60 * 60;
static final int FREFRESH_TOKEN_VALIDITY_SECONDS = 6 * 60 * 60;
static final String REDIRECT_URI = "http://localhost:8888/login";
/*@Autowired
@Qualifier("ibrdatasource")
private DataSource dataSource;*/
@Autowired
private UserDetailsService userDetailsService;
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.tokenStore(tokenStore()).accessTokenConverter(accessTokenConverter())
.authenticationManager(authenticationManager).userDetailsService(userDetailsService);
}
@Override
public void configure(AuthorizationServerSecurityConfigurer oauthServer) {
oauthServer.tokenKeyAccess("permitAll()").checkTokenAccess("permitAll()");
}
@Bean
public TokenStore tokenStore() {
return new JwtTokenStore(accessTokenConverter());
}
/*
* @Override public void configure(ClientDetailsServiceConfigurer clients)
* throws Exception { JdbcClientDetailsService jdbcClientDetailsService = new
* JdbcClientDetailsService(dataSource);
* clients.withClientDetails(jdbcClientDetailsService); }
*/
@Override
public void configure(ClientDetailsServiceConfigurer configurer) throws Exception {
configurer.inMemory().withClient(CLIEN_ID).secret(CLIENT_SECRET)
.authorizedGrantTypes(GRANT_TYPE, AUTHORIZATION_CODE, REFRESH_TOKEN, IMPLICIT)
.scopes(SCOPE_READ, SCOPE_WRITE, TRUST).redirectUris(REDIRECT_URI)
.accessTokenValiditySeconds(ACCESS_TOKEN_VALIDITY_SECONDS)
.refreshTokenValiditySeconds(FREFRESH_TOKEN_VALIDITY_SECONDS);
}
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
converter.setSigningKey("123");
return converter;
}
@Bean
@Primary
public DefaultTokenServices tokenServices() {
DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
defaultTokenServices.setTokenStore(tokenStore());
defaultTokenServices.setSupportRefreshToken(true);
return defaultTokenServices;
}
@Bean
public PasswordEncoder userPasswordEncoder() {
return new BCryptPasswordEncoder(4);
}
}
And I am adding userdetails with inMemory data:
@Bean
public UserDetailsService userDetailsService() {
InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
manager.createUser(User.withUsername("user").password("user").roles("USER").build());
manager.createUser(User.withUsername("admin").password("password").roles("USER", "ADMIN").build());
return manager;
}
But I am not able to validate these details. It's showing bad credentials. Please help me on this, any help would be great.
@Bean
public PasswordEncoder userPasswordEncoder() {
return new BCryptPasswordEncoder(4);
}
@Autowired
PasswordEncoder passwordEncoder;
@Bean
public UserDetailsService userDetailsService() {
InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
manager.createUser(
User.withUsername("user").password(this.passwordEncoder.encode("user")).roles("USER").build());
manager.createUser(User.withUsername("admin").password(this.passwordEncoder.encode("password"))
.roles("USER", "ADMIN").build());
return manager;
}