'spring sas 0.2.0 access_token throw 'Access is denied'

I have got the access_token from '/oauth2/token' endpoint. But when I query other custom endpoint with access_token, spring sas 0.2.0 throw 'Access is denied'.

First execute
curl --location --request POST 'http://127.0.0.1:9000/oauth2/token?grant_type=authorization_code&code=YeJIEhXpWDVkRiuCy3ARVHQDb9KJxrU0EF4LqT5CO_3t6fesQtNLWFPHYpm93ZmhvjSC3gNJh7EkC-Y8zjeUE7gG7PVYi0ZKFIHv2vosAHqllgdsy-2FEUFCJg01psrA&redirect_uri=https://www.baidu.com' \ --header 'Authorization: Basic bWVzc2FnaW5nLWNsaWVudDpzZWNyZXQ=' \ --header 'Cookie: JSESSIONID=984A845EEFA040BFE7114A49A31A207C'

the response is

{
    "access_token": "eyJraWQiOiJhNzA2ODU0NS1kNGE3LTQzOWUtOWFjNS1lNjA3ZmE4M2FlYTQiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyMSIsImF1ZCI6Im1lc3NhZ2luZy1jbGllbnQiLCJuYmYiOjE2MzY0NDY1NzcsInNjb3BlIjpbIm1lc3NhZ2Uud3JpdGUiXSwiaXNzIjoiaHR0cDpcL1wvYXV0aC1zZXJ2ZXI6OTAwMCIsImV4cCI6MTYzNjQ0Njg3NywiaWF0IjoxNjM2NDQ2NTc3fQ.gK5ZQyHbV3vC1KkKuTp39BpSevKJPawy0ruXAUtICkTacz4hPv0u39lIf2Yze0-esq5D58YHOU2mcTE7RwGQDVjJVTxx9acV4a0bNcVM7H52I1QMCVWVYOl9fXmG8Z2aZFgEXP5TvmWaDh7ZZkG8iAxIexE72rlbkCB9P58_fkKLt9ui_lJGhDlD3ExKs2hcwyiDQmHugP3bpxGBX2rq_pnBN50oG0Tffur3fzTaO9pehxikjLCrbfAt94TeF3O7xrqvcHMRvUVR78pdN7Z4zEPCYWCq1bDEqXKUqdRfqxoK6JZJb4CpZXGC5I3eh9xg_1CSfbA3EKil0iKR0wUmog",
    "refresh_token": "2jR_frg36Bzogz-Ul7_KQCokYLuWu2IKhW1fpL8YBZv_qrunTXN-UX7mwPcs0AXFf8ILnsiqbnz5q_Ant26VdElP5ts01SVF-lwq1BKMCM9H1Qls8qgXuKMENdE4-vUX",
    "scope": "message.write",
    "token_type": "Bearer",
    "expires_in": 299
}

Second execute
curl --location --request GET 'http://127.0.0.1:9000/abc/hello' \ --header 'Authorization: Bearer eyJraWQiOiJhNzA2ODU0NS1kNGE3LTQzOWUtOWFjNS1lNjA3ZmE4M2FlYTQiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyMSIsImF1ZCI6Im1lc3NhZ2luZy1jbGllbnQiLCJuYmYiOjE2MzY0NDY1NzcsInNjb3BlIjpbIm1lc3NhZ2Uud3JpdGUiXSwiaXNzIjoiaHR0cDpcL1wvYXV0aC1zZXJ2ZXI6OTAwMCIsImV4cCI6MTYzNjQ0Njg3NywiaWF0IjoxNjM2NDQ2NTc3fQ.gK5ZQyHbV3vC1KkKuTp39BpSevKJPawy0ruXAUtICkTacz4hPv0u39lIf2Yze0-esq5D58YHOU2mcTE7RwGQDVjJVTxx9acV4a0bNcVM7H52I1QMCVWVYOl9fXmG8Z2aZFgEXP5TvmWaDh7ZZkG8iAxIexE72rlbkCB9P58_fkKLt9ui_lJGhDlD3ExKs2hcwyiDQmHugP3bpxGBX2rq_pnBN50oG0Tffur3fzTaO9pehxikjLCrbfAt94TeF3O7xrqvcHMRvUVR78pdN7Z4zEPCYWCq1bDEqXKUqdRfqxoK6JZJb4CpZXGC5I3eh9xg_1CSfbA3EKil0iKR0wUmog' \ --header 'Cookie: JSESSIONID=230472D75BB8A81CC4EEDE46F83376A3'

response is http status 401



Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source