stackoom
  简体   繁体   中英

Why is my spring @bean never instantiated?

 原文  2016-03-08 12:30:30       java/ spring/ spring-mvc

Question

I have a bean:

@Bean
public FilterRegistrationBean oauth2ClientFilterRegistration(
        OAuth2ClientContextFilter filter) {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    registration.setFilter(filter);
    registration.setOrder(-100);
    return registration;
}

but for some reason it never gets called. I'm following these instructions ( https://spring.io/guides/tutorials/spring-boot-oauth2/#_social_login_manual ) and have the following code in my configuration class.

@Configuration
@EnableOAuth2Client
public class OAuthConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    OAuth2ClientContext oauth2ClientContext;

    @Bean
    @ConfigurationProperties("security.oauth2.client")
    OAuth2ProtectedResourceDetails oauth2() {
        return new AuthorizationCodeResourceDetails();
    }

    @Bean
    @ConfigurationProperties("security.oauth2.resource")
    ResourceServerProperties oauth2Resource() {
        return new ResourceServerProperties();
    }

    @Bean
    public FilterRegistrationBean oauth2ClientFilterRegistration(
            OAuth2ClientContextFilter filter) {
        FilterRegistrationBean registration = new FilterRegistrationBean();
        registration.setFilter(filter);
        registration.setOrder(-100);
        return registration;
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .antMatcher("/**")
            .authorizeRequests()//starts chain for restricting access
                .antMatchers("/", "/login**", "/webjars/**")//maps requests at these paths
                    .permitAll()//urls are allowed by anyone
                .anyRequest()//maps any request
                    .authenticated()//urls are allowed by any authenticated user
            .and().addFilterBefore(ssoFilter(oauth2(), oauth2Resource()), BasicAuthenticationFilter.class);
    }

    private Filter ssoFilter(OAuth2ProtectedResourceDetails resource, ResourceServerProperties properties) {
        OAuth2ClientAuthenticationProcessingFilter filter = new OAuth2ClientAuthenticationProcessingFilter("/login/oauth2");
        OAuth2RestTemplate template = new OAuth2RestTemplate(resource, oauth2ClientContext);
        filter.setRestTemplate(template);
        filter.setTokenServices(new UserInfoTokenServices(properties.getUserInfoUri(), resource.getClientId()));
        return filter;
    }
}

The other two beans (oauth2 and oauth2Resource) above it are called on application startup, but the oauth2ClientFilterRegistration bean never gets called (and according to the tutorial, it should).

Can anyone help me understand why (I'm quite new to Spring and Spring Boot)?

Update 1:

My application.yml looks as follows:

security:
  oauth2:
    client:
      clientId: 233668646673605
      clientSecret: 33b17e044ee6a4fa383f46ec6e28ea1d
      accessTokenUri: https://graph.facebook.com/oauth/access_token
      userAuthorizationUri: https://www.facebook.com/dialog/oauth
      tokenName: oauth_token
      authenticationScheme: query
      clientAuthenticationScheme: form
    resource:
      userInfoUri: https://graph.facebook.com/me

logging:
  level:
    org.springframework.security: DEBUG

spring:
  resources:
    chain:
      enabled: true

If I change the second line to be:

facebook:

instead of:

oauth2:

then suddenly 'oauth2ClientFilterRegistration' gets called on startup.

Why would that make the difference? Witchcraft?

1 answers

solution1
 1  2016-03-09 18:36:05

The docs state that: "We already have a secure application, so it's really just a matter of adding the @EnableAuthorizationServer annotation".

So add that:

@SpringBootApplication
@RestController
@EnableOAuth2Client
@EnableAuthorizationServer
public class SocialApplication extends WebSecurityConfigurerAdapter {
   ...
}

Once you've added that configuration to make your app an OAuth2 server, then you can configure clients that you accept: "with that new annotation in place Spring Boot will install all the necessary endpoints and set up the security for them, provided we supply a few details of an OAuth2 client we want to support"

So specifying "facebook" means that facebook is the OAuth2 provider, whereas using "oauth2" means your app becomes the OAuth2 provider.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question XPages: why is my application bean instantiated twice? when is a spring bean instantiated Spring check if a lazy bean is instantiated Spring not injecting bean if it is instantiated on definition inject spring bean in a class not instantiated by spring Making default bean constructor public is not instantiated in spring Singleton bean instantiated multiple times in Spring MVC? How to guarantee a bean is instantiated only once by Spring Inject a bean into a manually instantiated class in spring Why spring can't find my bean?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM