Spring Oauth2 Authentication Server with AngularJS Login Page -
i trying convert sample oath2 authserver application provided @ https://github.com/spring-cloud-samples/authserver using spring mvc login page, 1 using angularjs. having problems.
when running modified authentication server, i’m getting looks cors error after sending authorization client:
get http://localhost:8080/dashboard/login?code=j5lpmt&state=4olepd :9999/uaa/#/login:1 xmlhttprequest cannot load http://localhost:8080/dashboard/login?code=j5lpmt&state=4olepd. no 'access-control-allow-origin' header present on requested resource. origin 'http://localhost:9999' therefore not allowed access. response had http status code 401.
for client, i’m using authservers partner application sso client located at: https://github.com/spring-cloud-samples/sso. exception of swapping port numbers both applications sso client unchanged.
my modified server follows:
@configuration @componentscan @enableautoconfiguration @controller @sessionattributes("authorizationrequest") public class authserverapplication extends webmvcconfigureradapter { public static void main(string[] args) { springapplication.run(authserverapplication.class, args); } @configuration @order(managementserverproperties.access_override_order) protected static class loginconfig extends websecurityconfigureradapter { @autowired private authenticationmanager authenticationmanager; @override protected void configure(httpsecurity http) throws exception { // @formatter:off http .requestmatchers().antmatchers("/**") .and() .headers().frameoptions().sameorigin() .and() .formlogin() .loginpage("/") .loginprocessingurl("/login") .permitall() .and() .authorizerequests() .antmatchers( "/index.html", "/login.html", "/bower_components/**", "/" ) .permitall() .anyrequest().authenticated() .and() .csrf() .csrftokenrepository(csrftokenrepository()) .and() .addfilterafter(csrfheaderfilter(), csrffilter.class) .exceptionhandling() .authenticationentrypoint(new loginurlauthenticationentrypoint("/")); // @formatter:on } @override protected void configure(authenticationmanagerbuilder auth) throws exception { auth.parentauthenticationmanager(authenticationmanager); } private filter csrfheaderfilter() { return new onceperrequestfilter() { @override protected void dofilterinternal(httpservletrequest request, httpservletresponse response, filterchain filterchain) throws servletexception, ioexception { csrftoken csrf = (csrftoken) request .getattribute(csrftoken.class.getname()); if (csrf != null) { cookie cookie = new cookie("xsrf-token", csrf.gettoken()); cookie.setpath("/"); response.addcookie(cookie); } filterchain.dofilter(request, response); } }; } private csrftokenrepository csrftokenrepository() { httpsessioncsrftokenrepository repository = new httpsessioncsrftokenrepository(); repository.setheadername("x-xsrf-token"); return repository; } } @configuration @enableauthorizationserver protected static class oauth2config extends authorizationserverconfigureradapter { @autowired private authenticationmanager authenticationmanager; @bean public jwtaccesstokenconverter jwtaccesstokenconverter() { jwtaccesstokenconverter converter = new jwtaccesstokenconverter(); keypair keypair = new keystorekeyfactory( new classpathresource("keystore.jks"), "foobar".tochararray()) .getkeypair("test"); converter.setkeypair(keypair); return converter; } @override public void configure(clientdetailsserviceconfigurer clients) throws exception { // @formatter:off clients .inmemory() .withclient("acme") .secret("acmesecret") .authorizedgranttypes("authorization_code", "refresh_token","password") .autoapprove(true) .scopes("openid"); // @formatter:on } @override public void configure(authorizationserverendpointsconfigurer endpoints) throws exception { endpoints.authenticationmanager(authenticationmanager).accesstokenconverter( jwtaccesstokenconverter()); } @override public void configure(authorizationserversecurityconfigurer oauthserver) throws exception { oauthserver.tokenkeyaccess("permitall()").checktokenaccess( "isauthenticated()"); } }
}
the javascript follows:
(function () { 'use strict'; angular.module('app', ['ngroute']) .config(appconfig); function appconfig($locationprovider, $routeprovider) { $routeprovider .when('/login', { templateurl: 'login.html', controller: 'loginctrl', controlleras: "vm" }) .otherwise('/login'); } })(); (function () { 'use strict'; angular.module('app') .controller("loginctrl", logincontroller); logincontroller.$inject = ['$http']; function logincontroller($http) { console.log("controller"); var vm = this; vm.invalidattempt = false; vm.formdata = { username: '', password: '' }; vm.login = function() { $http({ method : 'post', url : 'login', data : 'username=' + vm.formdata.username + '&password=' + vm.formdata.password, // + '&submit=login', headers : { 'content-type': 'application/x-www-form-urlencoded' } }).then(function (response) { console.log("valid response"); console.dir(response); vm.invalidattempt = false; }, function () { vm.invalidattempt = true; }); }; } })();
when executing application initial redirect authentication server, enter login data, set autoapprove(true) so, approval sent client. error occurs.
network trace of below.
localhost 200 document other 1.6 kb 111 ms bootstrap.min.css 200 stylesheet :8080/:3 107 kb 18 ms jquery.min.js 200 script :8080/:21 82.6 kb 31 ms bootstrap.min.js 200 script :8080/:23 31.4 kb 40 ms angular.min.js 200 script :8080/:25 122 kb 42 ms angular-route.min.js 200 script :8080/:27 4.6 kb 59 ms angular-resource.min.js 200 script :8080/:29 3.8 kb 56 ms angular-cookies.min.js 200 script :8080/:31 1.1 kb 64 ms app.js 200 script :8080/:32 1.4 kb 62 ms user 302 angular.js:9683 480 b 36 ms home.html 200 xhr angular.js:9683 289 b 6 ms login 302 xhr http://localhost:8080/dashboard/login 507 b 20 ms login 302 http://localhost:8080/dashboard/user 507 b 20 ms authorize?client_id=acme&redirect_uri=http://localhost:8080/dashboard/login&response_type=code&state=1wk5y2 302 xhr http://localhost:9999/uaa/oauth/authorize?client_id=acme&redirect_uri=http://localhost:8080/dashboard/login&response_type=code&state=1wk5y2 479 b 125 ms authorize?client_id=acme&redirect_uri=http://localhost:8080/dashboard/login&response_type=code&state=1wk5y2 302 other 479 b 125 ms login 302 other 507 b 6 ms authorize?client_id=acme&redirect_uri=http://localhost:8080/dashboard/login&response_type=code&state=4olepd 302 http://localhost:8080/dashboard/login 479 b 15 ms uaa/ 200 document http://localhost:9999/uaa/oauth/authorize?client_id=acme&redirect_uri=http://localhost:8080/dashboard/login&response_type=code&state=4olepd 1.4 kb 29 ms bootstrap.min.css 200 stylesheet (index):3 119 kb 46 ms jquery.min.js 200 script (index):10 85.2 kb 56 ms bootstrap.min.js 200 script (index):11 36.7 kb 55 ms angular.min.js 200 script (index):12 157 kb 70 ms angular-route.min.js 200 script (index):13 5.2 kb 100 ms angular-cookies.min.js 200 script (index):14 1.9 kb 35 ms angular-resource.min.js 200 script (index):15 4.9 kb 104 ms app.js 200 script (index):17 577 b 64 ms http-interceptor.js 200 script (index):18 1.4 kb 76 ms login.js 200 script (index):19 1.3 kb 82 ms login.html 200 xhr angular.js:12011 1.2 kb 10 ms login 302 x-www-form-urlencoded angular.js:12011 592 b 21 ms authorize?client_id=acme&redirect_uri=http://localhost:8080/dashboard/login&response_type=code&state=4olepd 302 xhr http://localhost:9999/uaa/oauth/authorize?client_id=acme&redirect_uri=http://localhost:8080/dashboard/login&response_type=code&state=4olepd 502 b 48 ms authorize?client_id=acme&redirect_uri=http://localhost:8080/dashboard/login&response_type=code&state=4olepd 302 http://localhost:9999/uaa/login 502 b 48 ms login?code=j5lpmt&state=4olepd 401 xhr other 0 b 81 ms
for comparison. network trace using original application. successful redirect.
localhost 200 document other 1.6 kb 4 ms bootstrap.min.css 200 stylesheet :8080/:3 107 kb 12 ms jquery.min.js 200 script :8080/:21 82.6 kb 18 ms bootstrap.min.js 200 script :8080/:23 31.4 kb 16 ms angular.min.js 200 script :8080/:25 122 kb 17 ms angular-route.min.js 200 script (index):27 4.6 kb 11 ms angular-resource.min.js 200 script (index):29 3.8 kb 11 ms angular-cookies.min.js 200 script (index):31 1.1 kb 10 ms app.js 200 script (index):32 1.4 kb 6 ms user 302 angular.js:9683 480 b 27 ms home.html 200 xhr angular.js:9683 289 b 8 ms login 302 xhr http://localhost:8080/dashboard/login 507 b 6 ms login 302 http://localhost:8080/dashboard/user 507 b 6 ms authorize?client_id=acme&redirect_uri=http://localhost:8080/dashboard/login&response_type=code&state=xjyiia 302 xhr http://localhost:9999/uaa/oauth/authorize?client_id=acme&redirect_uri=http://localhost:8080/dashboard/login&response_type=code&state=xjyiia 336 b 32 ms authorize?client_id=acme&redirect_uri=http://localhost:8080/dashboard/login&response_type=code&state=xjyiia 302 other 336 b 32 ms login 302 other 507 b 13 ms authorize?client_id=acme&redirect_uri=http://localhost:8080/dashboard/login&response_type=code&state=ekvmqe 302 http://localhost:8080/dashboard/login 415 b 21 ms login 200 document http://localhost:9999/uaa/oauth/authorize?client_id=acme&redirect_uri=http://localhost:8080/dashboard/login&response_type=code&state=ekvmqe 1.1 kb 13 ms wro.css 200 stylesheet login:3 129 kb 16 ms wro.js 200 script login:20 82.4 kb 15 ms login 302 x-www-form-urlencoded other 523 b 7 ms authorize?client_id=acme&redirect_uri=http://localhost:8080/dashboard/login&response_type=code&state=ekvmqe 200 document http://localhost:9999/uaa/login 1.4 kb 12 ms wro.css 200 stylesheet authorize?client_id=acme&redirect_uri=http://localhost:8080/dashboard/login&response_type=code&stat…:3 (from memory cache) 0 ms wro.js 200 script :9999/uaa/oauth/authorize?client_id=acme&redirect_uri=http://localhost:8080/dashboard/login&response_type=code&state=ekvmqe:20 (from memory cache) 0 ms authorize 302 x-www-form-urlencoded other 433 b 11 ms login?code=w77hlh&state=ekvmqe 302 http://localhost:9999/uaa/oauth/authorize 465 b 44 ms localhost 200 document http://localhost:8080/dashboard/login?code=w77hlh&state=ekvmqe 1.6 kb 4 ms bootstrap.min.css 200 stylesheet (index):3 107 kb 4 ms jquery.min.js 200 script (index):21 82.6 kb 7 ms bootstrap.min.js 200 script (index):23 31.4 kb 16 ms angular.min.js 200 script (index):25 122 kb 12 ms angular-route.min.js 200 script (index):27 4.6 kb 14 ms angular-resource.min.js 200 script (index):29 3.8 kb 15 ms angular-cookies.min.js 200 script (index):31 1.1 kb 15 ms app.js 200 script (index):32 1.4 kb 16 ms user 200 xhr angular.js:9683 1.8 kb 7 ms home.html 200 xhr angular.js:9683 289 b 3 ms
can see doing wrong.
thanks
Comments
Post a Comment