使用Spring实现Oauth2。我想实现隐式工作流程：

我的配置文件：

@Configuration
@EnableAutoConfiguration
@RestController
public class App {

    @Autowired
    private DataSource dataSource;

    public static void main(String[] args) {
        SpringApplication.run(App.class, args);
    }

    @RequestMapping("/")
    public String home() {
        return "Hello World";
    }

    @Configuration
    @EnableResourceServer
    protected static class ResourceServer extends ResourceServerConfigurerAdapter {

        @Autowired
        private TokenStore tokenStore;

        @Override
        public void configure(ResourceServerSecurityConfigurer resources)
                throws Exception {
            resources.tokenStore(tokenStore);
        }

        @Override
        public void configure(HttpSecurity http) throws Exception {
            // @formatter:off
        http.authorizeRequests().antMatchers("/oauth/token").authenticated()
                .and()
                .authorizeRequests().anyRequest().permitAll()
                .and()
                .formLogin().loginPage("/login").permitAll()
                .and()
                .csrf().disable();
        }

    }

    @Configuration
    @EnableAuthorizationServer
    protected static class OAuth2Config extends AuthorizationServerConfigurerAdapter {

        @Autowired
        private AuthenticationManager auth;

        private BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();

        @Bean
        public JdbcTokenStore tokenStore() {
            return new JdbcTokenStore(DBConnector.dataSource);
        }

        @Bean
        protected AuthorizationCodeServices authorizationCodeServices() {
            return new JdbcAuthorizationCodeServices(DBConnector.dataSource);
        }

        @Override
        public void configure(AuthorizationServerSecurityConfigurer security)
                throws Exception {
            security.passwordEncoder(passwordEncoder);
        }

        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints)
                throws Exception {
            endpoints.authorizationCodeServices(authorizationCodeServices())
                    .authenticationManager(auth).tokenStore(tokenStore())
                    .approvalStoreDisabled();            
        }

        @Override
        public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
            // @formatter:off
            clients.jdbc(DBConnector.dataSource)
                    .passwordEncoder(passwordEncoder)
                    .withClient("my-trusted-client")
                    .secret("test")
                    .authorizedGrantTypes("password", "authorization_code",
                            "refresh_token", "implicit")
                    .authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT")
                    .scopes("read", "write", "trust")
                    .resourceIds("oauth2-resource")
                    .accessTokenValiditySeconds(0);

            // @formatter:on
        }

    }

    @Autowired
    public void init(AuthenticationManagerBuilder auth) throws Exception {
        // @formatter:off 
        auth.jdbcAuthentication().dataSource(DBConnector.dataSource).withUser("dave")
                .password("secret").roles("USER");

        // @formatter:on
    }

}

到目前为止，这是可行的。数据库中还会生成一个用户。

问题如下。当我尝试执行以下请求时：

http：// localhost：8080 / oauth / token？grant_type =
authorization_code＆client_id = my-trusted-client＆username = dave＆password =
secret

我总是会看到一个弹出窗口（身份验证），要求我输入用户名和密码。但是，无论我进入那里，我都不会经过。那么，那里出了什么问题？

我想拥有它，当我调用此url时，我得到了我的access_token。