Springboot2 和 oauth

Posted 2023-02-25

【中文标题】Springboot2 和 oauth

【英文标题】：Springboot2 and oauth

【发布时间】：2018-09-06 07:50:12

【问题描述】：

我正在尝试使用 https://github.com/spring-projects/spring-security-oauth2-boot 使用 Springboot2 进行工作 oauth

本教程：https://docs.spring.io/spring-security-oauth2-boot/docs/current-SNAPSHOT/reference/htmlsingle/

SpringBootApp

@SpringBootApplication
@EnableAuthorizationServer
public class SafechatApplication 

    public static void main(String[] args) 
        SpringApplication.run(SafechatApplication.class, args);
    

    @Bean
    public UserDetailsService a() 
        return new AuthServiceImpl();
    

    @Bean
    public AuthenticationManager b() 
        return new OAuth2AuthenticationManager();
    

ServletInitializer

public class ServletInitializer extends SpringBootServletInitializer 

    @Override
    protected SpringApplicationBuilder configure(SpringApplicationBuilder application) 
        return application.sources(SafechatApplication.class);
    

用户详细信息服务

@Service(value = "authService")
public class AuthServiceImpl implements UserDetailsService 

    public UserDetails loadUserByUsername(String userId) throws UsernameNotFoundException 

        return new org.springframework.security.core.userdetails.User("root", "admin", getAuthority());
    

    private List<GrantedAuthority> getAuthority() 
        return Collections.singletonList(new SimpleGrantedAuthority("USER_ROLE"));
    

    public List<UserDetails> findAll() 
        return Collections.singletonList(new org.springframework.security.core.userdetails.User("root", "admin", getAuthority()));
    

尝试检索访问令牌时：

http://localhost:8080/oauth/token

堆栈：

2018-03-28 00:16:54.203 ERROR 6688 --- [           main] o.s.boot.SpringApplication               : Application run failed

org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'b' defined in cz.berger.safechat.SafechatApplication: Invocation of init method failed; nested exception is java.lang.IllegalStateException: TokenServices are required
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1710) ~[spring-beans-5.0.4.RELEASE.jar:5.0.4.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:583) ~[spring-beans-5.0.4.RELEASE.jar:5.0.4.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:502) ~[spring-beans-5.0.4.RELEASE.jar:5.0.4.RELEASE]
    at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:312) ~[spring-beans-5.0.4.RELEASE.jar:5.0.4.RELEASE]
    at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:228) ~[spring-beans-5.0.4.RELEASE.jar:5.0.4.RELEASE]
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:310) ~[spring-beans-5.0.4.RELEASE.jar:5.0.4.RELEASE]
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:200) ~[spring-beans-5.0.4.RELEASE.jar:5.0.4.RELEASE]
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:760) ~[spring-beans-5.0.4.RELEASE.jar:5.0.4.RELEASE]
    at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:868) ~[spring-context-5.0.4.RELEASE.jar:5.0.4.RELEASE]
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:549) ~[spring-context-5.0.4.RELEASE.jar:5.0.4.RELEASE]
    at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:140) ~[spring-boot-2.0.0.RELEASE.jar:2.0.0.RELEASE]
    at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:752) [spring-boot-2.0.0.RELEASE.jar:2.0.0.RELEASE]
    at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:388) [spring-boot-2.0.0.RELEASE.jar:2.0.0.RELEASE]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:327) [spring-boot-2.0.0.RELEASE.jar:2.0.0.RELEASE]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:1246) [spring-boot-2.0.0.RELEASE.jar:2.0.0.RELEASE]
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:1234) [spring-boot-2.0.0.RELEASE.jar:2.0.0.RELEASE]
    at cz.berger.safechat.SafechatApplication.main(SafechatApplication.java:26) [main/:na]
Caused by: java.lang.IllegalStateException: TokenServices are required
    at org.springframework.util.Assert.state(Assert.java:73) ~[spring-core-5.0.4.RELEASE.jar:5.0.4.RELEASE]
    at org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationManager.afterPropertiesSet(OAuth2AuthenticationManager.java:62) ~[spring-security-oauth2-2.2.1.RELEASE.jar:na]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1769) ~[spring-beans-5.0.4.RELEASE.jar:5.0.4.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1706) ~[spring-beans-5.0.4.RELEASE.jar:5.0.4.RELEASE]
    ... 16 common frames omitted

:bootRun FAILED

我试图解决这些问题，但现在无法启动。我应该提供什么 AuthenticationManager？

【问题讨论】：

需要提供认证管理器，请参考这个post

Spring Oauth2 Authorization Server的可能重复

我会说看看@rena 的建议。您还需要一个包含“user:pw”的用户/用户服务。还需要发送客户端/秘密对 base64 编码。您在该链中还有两次“authorizedGrantTypes”，不确定这是否会破坏某些东西。

我尝试按照建议修复我的代码。请问我应该使用什么 AuthenticationManager？

【参考方案1】：

您需要在配置类中进行以下配置，并摆脱应用程序类中的这两个 bean

@Configuration
@EnableAuthorizationServer
public class OAuth2Config extends AuthorizationServerConfigurerAdapter 
    @Autowired
    private AuthenticationManager authenticationManager;
    @Autowired 
    @Qualifier("authService")
    private UserDetailsService userDetailsService;
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception 
        endpoints.authenticationManager(authenticationManager)
                 .userDetailsService(userDetailsService);
    

    //....

【讨论】：

似乎找不到 AuthenticationManager：说明：cz.berger.safechat.CustomAuthorizationServerConfigurer 中的字段 authenticationManager 需要一个找不到的 'org.springframework.security.authentication.AuthenticationManager' 类型的 bean。

对不起，我没有看到你指定spring boot 2，你需要像这样覆盖authenticationManagerBean：@Bean @Override public AuthenticationManager authenticationManagerBean() throws Exception return super.authenticationManagerBean();

请问在哪个班？ AuthorizationServerConfigurerAdapter 没有方法 authenticationManagerBean

您应该扩展 WebSecurityConfigurerAdapter 以便您可以覆盖此方法，然后在您的 oauth 配置类中自动装配它，请参阅此post 它包含使用 spring boot 2 的详细配置