[英]Spring Boot and OAuth2 server
I'm trying to implement a simple OAuth2 server with Spring Boot.我正在尝试使用 Spring Boot 实现一个简单的 OAuth2 服务器。 In the first step I added in the main class the annotation @EnableAuthorizationServer
在第一步中,我在主 class 中添加了注释 @EnableAuthorizationServer
@SpringBootApplication
@EnableAuthorizationServer
public class PocApplication {
public static void main(String[] args) {
SpringApplication.run(PocApplication.class, args);
}
}
and I use the "application.yml" file to configure all the OAuth2 elements.我使用“application.yml”文件来配置所有 OAuth2 元素。
server:
port: 8282
spring:
security:
user:
name: root
password: root
roles: ADMIN,USER
security:
oauth2:
client:
client-id: mobile
client-secret: pin
access-token-validity-seconds: 3600
authorized-grant-types: client_credential,password
scope: READ, WRITE
authorization:
check-token-access: permitAll
With this configuration everything works fine.使用此配置,一切正常。
In the second step I tried to switch the configuration from yml file to java class.在第二步中,我尝试将配置从 yml 文件切换为 java class。
These are the classes that I created这些是我创建的类
@Configuration
public class AuthServerConfigurations extends WebSecurityConfigurerAdapter implements AuthorizationServerConfigurer {
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Autowired
AuthenticationManager authenticationManager;
PasswordEncoder passwordEncoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
security.checkTokenAccess("permitAll()");
}
@Override
public void configure(ClientDetailsServiceConfigurer client) throws Exception {
client.inMemory().withClient("mobile").secret(passwordEncoder.encode("pin")).scopes("READ", "WRITE").authorizedGrantTypes("password", "client_credential");
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoint) throws Exception {
endpoint.authenticationManager(authenticationManager);
}
}
and和
@Configuration
public class UserConfiguration extends GlobalAuthenticationConfigurerAdapter {
PasswordEncoder passwordEncoder=PasswordEncoderFactories.createDelegatingPasswordEncoder();
@Override
public void init(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication()
.withUser("root").password(passwordEncoder.encode("root")).roles("USER","ADMIN");
}
}
With this configuration the app doesn't work.使用此配置,应用程序无法运行。 When I run the project via maven I see that Spring generate a new "client-id" and "client-secret" instead to use "mobile" and "pin"
当我通过 maven 运行项目时,我看到 Spring 生成了一个新的“client-id”和“client-secret”,而不是使用“mobile”和“pin”
security.oauth2.client.client-id = 27234511-14a5-4b94-9cd3-ffc77c5189f3
security.oauth2.client.client-secret = 5895bf76-6b30-4160-9f13-1cbad7b986e5
this is the log这是日志
. ____ _ __ _ _
/\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
\\/ ___)| |_)| | | | | || (_| | ) ) ) )
' |____| .__|_| |_|_| |_\__, | / / / /
=========|_|==============|___/=/_/_/_/
:: Spring Boot :: (v2.6.0)
2022-02-02 09:55:12.291 INFO 113288 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat initialized with port(s): 8282 (http)
2022-02-02 09:55:12.413 INFO 113288 --- [ main] o.apache.catalina.core.StandardService : Starting service [Tomcat]
2022-02-02 09:55:12.414 INFO 113288 --- [ main] org.apache.catalina.core.StandardEngine : Starting Servlet engine: [Apache Tomcat/9.0.55]
2022-02-02 09:55:12.711 INFO 113288 --- [ main] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext
2022-02-02 09:55:12.712 INFO 113288 --- [ main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 5978 ms
2022-02-02 09:55:13.407 INFO 113288 --- [ main] .s.s.UserDetailsServiceAutoConfiguration :
Using generated security password: 940524c4-8efa-4d7d-826b-864ff4b48392
2022-02-02 09:55:13.826 INFO 113288 --- [ main] a.OAuth2AuthorizationServerConfiguration : Initialized OAuth2 Client
security.oauth2.client.client-id = 27234511-14a5-4b94-9cd3-ffc77c5189f3
security.oauth2.client.client-secret = 5895bf76-6b30-4160-9f13-1cbad7b986e5
2022-02-02 09:55:15.130 INFO 113288 --- [ main] o.s.s.web.DefaultSecurityFilterChain : Will secure Or [Ant [pattern='/oauth/token'], Ant [pattern='/oauth/token_key'], Ant [pattern='/oauth/check_token']] with [org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter@41bfa9e9, org.springframework.security.web.context.SecurityContextPersistenceFilter@13ed066e, org.springframework.security.web.header.HeaderWriterFilter@68ef01a5, org.springframework.security.web.authentication.logout.LogoutFilter@5ae15, org.springframework.security.web.authentication.www.BasicAuthenticationFilter@1bbddada, org.springframework.security.web.savedrequest.RequestCacheAwareFilter@590765c4, org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter@64b018f3, org.springframework.security.web.authentication.AnonymousAuthenticationFilter@68b7d0ef, org.springframework.security.web.session.SessionManagementFilter@7126e26, org.springframework.security.web.access.ExceptionTranslationFilter@4872669f, org.springframework.security.web.access.intercept.FilterSecurityInterceptor@59c500f7]
2022-02-02 09:55:15.301 INFO 113288 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat started on port(s): 8282 (http) with context path ''
Why the java class configuration doesn't work?为什么 java class 配置不起作用?
Thanks谢谢
The solution of the problem is at this link问题的解决方案在这个链接
Spring Boot: Configuration Class is simply ignored and not loaded Spring 引导:配置 Class 被简单地忽略且未加载
My config files were in a different package so I added the我的配置文件在不同的 package 中,所以我添加了
@ComponentScan(basePackages = "my.config.package")
@ComponentScan(basePackages = "my.config.package")
in the main class after在主 class 之后
@SpringBootApplication
@SpringBootApplication
and it works.它有效。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.