Record a small problem encountered in upgrading an authentication service when I was working today. Although the final solution was only one line of code, it took almost three hours
The initial version is
springboot 1.5.9.RELEASE
springcloud Dalston.SR1
Upgrade to
springboot 2.0.3.RELEASE
springcloude finchley.RELEASE
After the upgrade, the service runs normally, but an error is reported when requesting authentication
http://localhost :9000/oauth/token?grant_ type=password& scope=app& client_ id=client_ 2& client_ secret=123456& username=user& password=123456
Reply
{
“error”: “invalid_ client”,
“error_ description”: “Bad client credentials”
}
View the back-end code log
2018-09-12 00:49:40.910 WARN 519 — [nio-9000-exec-2] o.s.s.c.bcrypt.BCryptPasswordEncoder : Encoded password does not look like BCrypt
Various configurations have been changed. After reading all kinds of configuration documents, you can find a useful blog in CSDN
https://blog.csdn.net/smollsnail/article/details/78934188
According to this, after modifying two codes, it can run without error
@Bean
public PasswordEncoder bCryptPasswordEncoder() {
return PasswordEncoderFactories.createDelegatingPasswordEncoder();
}Here. Secret (bcryptpasswordencoder. Encode (“123456”) should also be encrypted
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
//Configure two clients, one for password authentication and one for client authentication
clients.inMemory()
.withClient("client_2")
.resourceIds(DEMO_RESOURCE_ID)
.authorizedGrantTypes("password", "refresh_token")
.scopes("app")
.authorities("ROLE_APP")
.secret(bCryptPasswordEncoder.encode("123456"))
.accessTokenValiditySeconds(60 * 30)
.refreshTokenValiditySeconds(60 * 60);
}But in this way, the password stored in the database will change
{bcrypt}$2a$10$dXJ3SW6G7P50lGmMkkmwe.20cQQubK3.HZWzG3YB1tlRy.fqvM/BGThe data in the original system will be modified. And some other issues. The data in the original database cannot be modified
So I guess that changing the encryption mode back to bcrypt encryption class is really successful, and it is not mandatory to use the new factory mode
@Bean
public PasswordEncoder bCryptPasswordEncoder() {
return new BCryptPasswordEncoder();
}After that, you may need to look at the source code again. I guess it was in
. Secret (bcryptpasswordencoder. Encode (“123456”))
before, there is no need to encrypt. Now, there is a default encryption matching. So the final modification only needs to change the original
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
//Configure two clients, one for password authentication and one for client authentication
clients.inMemory()
.withClient("client_2")
.resourceIds(DEMO_RESOURCE_ID)
.authorizedGrantTypes("password", "refresh_token")
.scopes("app")
.authorities("ROLE_APP")
.secret("123456")
.accessTokenValiditySeconds(60 * 30)
.refreshTokenValiditySeconds(60 * 60);
}After modification
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
//Configure two clients, one for password authentication and one for client authentication
clients.inMemory()
.withClient("client_2")
.resourceIds(DEMO_RESOURCE_ID)
.authorizedGrantTypes("password", "refresh_token")
.scopes("app")
.authorities("ROLE_APP")
.secret(bCryptPasswordEncoder.encode("123456"))
.accessTokenValiditySeconds(60 * 30)
.refreshTokenValiditySeconds(60 * 60);
}It solves the problem of authentication error after the upgrade. Although the final solution changes only one line of code. But it took more than three hours.