I am trying to create a RESTful API with Spring Boot using OAuth2. When I try to POST to /oauth/token, the response is a 401 with no response body.
Does anyone have a tip on what it could be? I noticed that the endpoints did not show up in the logger, but in this new version of Spring Boot it seems that not everything shows up anyway. Here are the configuration classes:
AuthorizationServerConfigurerAdapter
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {

    private static final Integer TRINTA_MINUTOS = 180;

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private TokenStore tokenStore;

    @Autowired
    private BCryptPasswordEncoder passwordEncoder;

    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        security.passwordEncoder(passwordEncoder);
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory()
            .withClient("angular")
            .secret("$2a$10$ZSifxi0cKomJQXGFvnDi8eBwHSVya8LhiL9zTgF/cOa5QZbefU3T6")
            .scopes("read", "write")
            .authorizedGrantTypes("password")
            .accessTokenValiditySeconds(TRINTA_MINUTOS);
    }

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints
            .tokenStore(tokenStore)
            .authenticationManager(authenticationManager);
    }
}
ResourceServerConfigurerAdapter
@Configuration
@EnableWebSecurity
@EnableResourceServer
public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {

    @Autowired
    private BCryptPasswordEncoder passwordEncoder;

    @Autowired
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
            .withUser("admin")
            .password("$2a$10$VPpoZa8REzUDIkHXmaQHieisavZryR.pZvvPK.l7wrmb6..VL1LTy")
            .roles("ROLE").and().passwordEncoder(passwordEncoder);
    }

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
            .antMatchers("/categorias").permitAll()
            .anyRequest()
            .authenticated()
            .and()
            .httpBasic()
            .and()
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and().csrf().disable();
    }

    @Override
    public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
        resources.stateless(true);
    }
}
WebSecurityConfigurerAdapter
@Configuration
@EnableAuthorizationServer
@EnableResourceServer
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Bean
    public TokenStore tokenStore() {
        return new InMemoryTokenStore();
    }

    @Bean
    public BCryptPasswordEncoder passwordEncoder() {
        BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
        return bCryptPasswordEncoder;
    }

    @Bean
    @Override
    public AuthenticationManager authenticationManager() throws Exception {
        return super.authenticationManagerBean();
    }
}
Spring log
2019-03-02 20:07:06.735 TRACE 24424 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping :
c.a.a.a.c.CategoriaController:
{POST /categorias}: save(Categoria,HttpServletResponse)
{GET /categorias/{id}}: findById(Long)
{GET /categorias}: categorias()
2019-03-02 20:07:06.739 TRACE 24424 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping :
c.a.a.a.c.LancamentoController:
{DELETE /lancamentos/{id}}: remove(Long)
{POST /lancamentos}: save(Lancamento,HttpServletResponse)
{GET /lancamentos/{id}}: findById(Long)
{GET /lancamentos}: pesquisar(LancamentoFilter,Pageable)
2019-03-02 20:07:06.745 TRACE 24424 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping :
c.a.a.a.c.PessoaController:
{DELETE /pessoas/{id}}: remove(Long)
{PUT /pessoas/{id}}: update(Pessoa,Long)
{POST /pessoas}: create(Pessoa,HttpServletResponse)
{PUT /pessoas/{id}/ativo}: updateStatus(Long,Boolean)
{GET /pessoas/{id}}: findById(Long)
{GET /pessoas}: pessoas()
2019-03-02 20:07:06.754 TRACE 24424 --- [ restartedMain] s.w.s.m.m.a.RequestMappingHandlerMapping :
o.s.b.a.w.s.e.BasicErrorController:
{ /error}: error(HttpServletRequest)
{ /error, produces [text/html]}: errorHtml(HttpServletRequest,HttpServletResponse)
I am using Postman with Basic Auth and passing username, password and grant_type in the body.
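
The request described above, reproduced outside Postman as an added example (not part of the original post): it builds the password-grant call with the client in the Basic header and the user in the form body, then reports which of the two credential checks rejected it. The host, port and both plaintext secrets are assumed placeholders (the post shows only bcrypt hashes), and the classification assumes the server follows RFC 6749 section 5.2.

```python
import base64
import json
import urllib.error
import urllib.parse
import urllib.request

# Assumed values: the post shows only bcrypt hashes, so the secrets are placeholders.
TOKEN_URL = "http://localhost:8080/oauth/token"  # assumed host and port
CLIENT = ("angular", "<client-secret>")          # client id from the post
USER = ("admin", "<user-password>")              # username from the post


def build_token_request(url, client, user):
    """Password grant (RFC 6749 4.3): client in the Basic header, user in the form body."""
    basic = base64.b64encode(":".join(client).encode()).decode()
    form = {"grant_type": "password", "username": user[0], "password": user[1]}
    headers = {
        "Authorization": "Basic " + basic,
        "Content-Type": "application/x-www-form-urlencoded",
    }
    body = urllib.parse.urlencode(form).encode()
    return urllib.request.Request(url, data=body, headers=headers, method="POST")


def classify(status, body):
    """Name the check that rejected the request, per RFC 6749 section 5.2."""
    try:
        error = json.loads(body).get("error") if body else None
    except (ValueError, AttributeError):
        error = None  # empty or non-JSON body, as in the 401 described in the post
    if status == 200:
        return "ok"
    if status == 401 or error == "invalid_client":
        return "client authentication failed (Basic header: client id and secret)"
    if error == "invalid_grant":
        return "user credentials rejected (form body: username and password)"
    return ("other: HTTP %d %s" % (status, error or "")).strip()


def probe(request):
    """Send the request and classify the answer, including non-2xx responses."""
    try:
        with urllib.request.urlopen(request, timeout=5) as resp:
            return classify(resp.status, resp.read())
    except urllib.error.HTTPError as err:
        return classify(err.code, err.read())


if __name__ == "__main__":
    print(probe(build_token_request(TOKEN_URL, CLIENT, USER)))
```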