I set up the Spring configuration below:

```java
@EnableAuthorizationServer
@EnableWebSecurity
@Configuration
public class Oauth2Provider extends WebSecurityConfigurerAdapter implements
        AuthorizationServerConfigurer {

    /*
     * @Autowired private TokenStore tokenStore;
     */

    @Configuration
    protected static class AuthenticationConfiguration extends
            GlobalAuthenticationConfigurerAdapter {

        @Override
        public void init(AuthenticationManagerBuilder auth) throws Exception {
            auth.inMemoryAuthentication().withUser("user").password("password")
                    .roles("USER").and().withUser("admin").password("password")
                    .roles("USER", "ADMIN");
        }

    }

    @Override
    public void configure(AuthorizationServerSecurityConfigurer security)
            throws Exception {
        // TODO Auto-generated method stub
        security.allowFormAuthenticationForClients();

    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients)
            throws Exception {

        // TODO Auto-generated method stub
        clients.inMemory()
                .withClient("my-trusted-client")
                .authorizedGrantTypes("password", "authorization_code", "refresh_token", "implicit")
                .authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT", "ROLE_ANONYMOUS")
                .scopes("read", "write", "trust")
                .secret("secret")
                .accessTokenValiditySeconds(60);
    }

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints)
            throws Exception {
        // TODO Auto-generated method stub

    }

}
```

And the Maven setting is below:

```xml
<dependency>
    <groupId>org.springframework.security.oauth</groupId>
    <artifactId>spring-security-oauth2</artifactId>
    <version>2.0.5.RELEASE</version>
</dependency>
```

I access http://localhost:8080/oauth/token with the payload `grant_type=password&password=password&username=user&scope=read&client_id=my-trusted-client&client_secret=secret`

But I receive the error below:

```
{
error: "unsupported_grant_type"
error_description: "Unsupported grant type: password"
}
```
JSH

1 Answer

To use password grant you need to provide an authentication manager to the authorization server (in the empty method with the TODO in your example), so it can authenticate users. If it's a Spring Boot application there is always an AuthenticationManager available to be @Autowired.

Dave Syer
  • And make sure to allow "password" in the client's authorizedGrantTypes – lilalinux Mar 20 '18 at 22:27
  • "If it's a Spring Boot application there is always an AuthenticationManager available to be @Autowired", not anymore, if you do declare a UserDetailsService, right? – Igor Donin Apr 22 '18 at 18:33
  • `AuthenticationConfiguration` object is injected and `AuthenticationManager` object is provided with `#getAuthenticationManager` method. – The_Cute_Hedgehog May 22 '19 at 15:44
  • dave - would you mind helping with this -> [How does spring oauth2 clientDetails.getAuthorities() help/work?](https://stackoverflow.com/questions/73725293/how-does-spring-oauth2-clientdetails-getauthorities-help-work) – samshers Sep 19 '22 at 15:30