无法通过GET获取token

[evilmiracle]

请求链接：
http://localhost:8080/oauth/token?grant_type=password&scope=select&client_id=client_2&client_secret=123456

收到回显

{"error":"invalid_grant","error_description":"坏的凭证"}

使用你的readme提供的

http://localhost:8080/oauth/token?username=user_1&password=123456&grant_type=password&scope=select&client_id=client_2&client_secret=123456

得到回显

{"error":"server_error","error_description":"Internal Server Error"}

这是因为啥原因啊？

[lexburner]

http://localhost:8080/oauth/token?grant_type=password&scope=select&client_id=client_2&client_secret=123456
该请求有问题，因为你使用了password模式，却没有携带username和password。

http://localhost:8080/oauth/token?username=user_1&password=123456&grant_type=password&scope=select&client_id=client_2&client_secret=123456
该请求应该可以获取到正确响应，确认下你是不是做了什么特殊的配置，我这边自己是可以获得响应的。
{"error":"server_error","error_description":"Internal Server Error"}
可以把详细的error log贴出来

[cel105302]

http://localhost:8080/oauth/token?username=user_1&password=123456&grant_type=password&scope=select&client_id=client_2&client_secret=123456
{
"error": "server_error",
"error_description": "Internal Server Error"
}

后台报错：
2018-05-21 16:33:38.490 DEBUG 4112 --- [nio-8080-exec-9] .o.p.p.ResourceOwnerPasswordTokenGranter : Getting access token for: client_2
2018-05-21 16:34:05.335 DEBUG 4112 --- [nio-8080-exec-9] o.s.s.authentication.ProviderManager : Authentication attempt using org.springframework.security.authentication.dao.DaoAuthenticationProvider
2018-05-21 16:34:16.889 WARN 4112 --- [nio-8080-exec-9] o.s.s.o.provider.endpoint.TokenEndpoint : Handling error: IllegalArgumentException, There is no PasswordEncoder mapped for the id "null"
2018-05-21 16:34:16.890 DEBUG 4112 --- [nio-8080-exec-9] o.s.s.w.header.writers.HstsHeaderWriter : Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@5cbc01a0
2018-05-21 16:34:16.894 WARN 4112 --- [nio-8080-exec-9] .m.m.a.ExceptionHandlerExceptionResolver : Resolved exception caused by Handler execution: java.lang.IllegalArgumentException: There is no PasswordEncoder mapped for the id "null"
2018-05-21 16:34:16.896 DEBUG 4112 --- [nio-8080-exec-9] o.s.s.w.a.ExceptionTranslationFilter : Chain processed normally
2018-05-21 16:34:16.896 DEBUG 4112 --- [nio-8080-exec-9] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed

[leolird]

http://localhost:8080/oauth/token?username=user_1&password=123456&grant_type=password&scope=select&client_id=client_2&client_secret=123456
返回：{"error":"server_error","error_description":"Internal Server Error"}
提示不能连接Redis：
2018-06-27 16:41:24.182 WARN 3292 --- [nio-8080-exec-1] o.s.s.o.provider.endpoint.TokenEndpoint : Handling error: RedisConnectionFailureException, Unable to connect to Redis; nested exception is io.lettuce.core.RedisConnectionException: Unable to connect to 127.0.0.1:6379

[lexburner]

@cel105302 试试不要用 curl，你的请求其实被截断了。我也踩过坑。

[lexburner]

@pingalive 看看是不是自己redis服务的问题，redis-cli 可不可以连接上

[cel105302]

@pingalive，谢谢，前段时间已经解决了

[leolird]

@lexburner 我本地没有安装redis， 安上就好了

[huang-xuan]

Handling error: SerializationException, Cannot deserialize; nested exception is org.springframework.core.serializer.support.SerializationFailedException: Failed to deserialize payload. Is the byte array a result of corresponding serialization for DefaultDeserializer?; nested exception is java.io.InvalidClassException: org.springframework.security.core.authority.SimpleGrantedAuthority; local class incompatible: stream classdesc serialVersionUID = 420, local class serialVersionUID = 500

[lexburner]

@huang-xuan 这个是因为你前后的 redis 的序列器不一样造成的问题，可能是不同项目的配置不同，也有可能是同一个项目修改了配置，导致 redis 中的数据无法被正常序列化。

[huang-xuan]

我用授权码方式，页面返回这个，获取不到token
error="invalid_client", error_description="Bad client credentials"

[lexburner]

授权码模式的 demo 看来有点问题，不止一个人提了 issue，我最近抽空 debug 看下，调通了回复大家。

[lexburner]

@huang-xuan 授权码模式demo已更新，pull 之后重新看下吧

[ftqiao]

@evilmiracle 项目fork下来，按照文档请求，遇到了同样的错误。我这边看到的原因是：url请求内有空格，主要是&后面多了几个空格

[KevinQian]

@lexburner TokenEndpoint暴露的/oauth/token是GET和POST两种类型，但是GET请求是去检查allowedRequestMethods是否包含GET方法，默认只支持POST方法，具体可以看一下下面的源码。
`
private Set allowedRequestMethods = new HashSet(Arrays.asList(HttpMethod.POST));

@RequestMapping(value = "/oauth/token", method=RequestMethod.GET)
public ResponseEntity<OAuth2AccessToken> getAccessToken(Principal principal, @RequestParam
Map<String, String> parameters) throws HttpRequestMethodNotSupportedException {
	if (!allowedRequestMethods.contains(HttpMethod.GET)) {
		throw new HttpRequestMethodNotSupportedException("GET");
	}
	return postAccessToken(principal, parameters);
}

`

[sharanbm]

Add a NoOpPasswordEncoder Bean to your Oauth2Config which extends AuthorizationServerConfigurerAdapter

@Bean public static NoOpPasswordEncoder passwordEncoder() { return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance(); }