the*_*mar 9 java oauth-2.0 azure-active-directory spring-boot spring-security-oauth2
I am trying to configure an OAuth2 client with Spring Boot. I have the following dependencies:
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-webflux</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-oauth2-client</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-oauth2-jose</artifactId>
</dependency>
I have added these properties to my application.yaml:
security:
  oauth2:
    client:
      registration:
        azure:
          client-id: ****
          client-secret: ****
          authorization-grant-type: client_credentials
      provider:
        azure:
          authorization-uri: https://login.microsoftonline.com/2fdb7e27-9b62-44f7-a0fe-9836eaa1f161/oauth2/v2.0/authorize
          token-uri: https://login.microsoftonline.com/2fdb7e27-9b62-44f7-a0fe-9836eaa1f161/oauth2/v2.0/token
          jwk-set-uri: https://login.microsoftonline.com/2fdb7e27-9b62-44f7-a0fe-9836eaa1f161/discovery/v2.0/keys
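From what I understand of the Spring documentation, this should be enough to auto-configure the ClientRegistrationRepository ("Spring Boot 2.x auto-configuration binds each of the properties under spring.security.oauth2.client.registration.[registrationId] to ... The auto-configuration also registers the ClientRegistrationRepository as a @Bean in the ApplicationContext so that it is available for dependency injection, if needed by the application.").
I have the following code: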
package com.sky.bnc.azurespring

import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientManager
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository
import org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager
import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository
import org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction
import org.springframework.web.reactive.function.client.WebClient

@Configuration
class WebConfiguration {

    @Bean
    fun authorizedClientManager(clientRegistrationRepository: ClientRegistrationRepository, authorizedClientRepository: OAuth2AuthorizedClientRepository): OAuth2AuthorizedClientManager {
        val authorizedClientProvider = OAuth2AuthorizedClientProviderBuilder
            .builder()
            .authorizationCode()
            .refreshToken()
            .clientCredentials()
            .build()
        val authorizedClientManager = DefaultOAuth2AuthorizedClientManager(clientRegistrationRepository, authorizedClientRepository)
        authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider)
        return authorizedClientManager
    }

    @Bean
    fun webClient(authorizedClientManager: OAuth2AuthorizedClientManager): WebClient {
        val oauth2Client = ServletOAuth2AuthorizedClientExchangeFilterFunction(authorizedClientManager)
        oauth2Client.setDefaultClientRegistrationId("azure")
        return WebClient
            .builder()
            .apply(oauth2Client.oauth2Configuration())
            .build()
    }
}
But when I try to run the application, I get this error:
APPLICATION FAILED TO START
***************************
Description:
Parameter 0 of method authorizedClientManager in com.sky.bnc.azurespring.WebConfiguration required a bean of type 'org.springframework.security.oauth2.client.registration.ClientRegistrationRepository' that could not be found.
Action:
Consider defining a bean of type 'org.springframework.security.oauth2.client.registration.ClientRegistrationRepository' in your configuration.
Process finished with exit code 1
I don't understand what the problem is; I have followed a lot of examples and it seems like it should work.
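The problem you are running into is caused by the configuration in your application.yaml file. Please check that everything is correct.
Since you are implementing OAuth for Azure AD, the configuration has to look like the following: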
# Specifies your Active Directory ID:
azure.activedirectory.tenant-id=22222222-2222-2222-2222-222222222222
# Specifies your App Registration's Application ID:
spring.security.oauth2.client.registration.azure.client-id=11111111-1111-1111-1111-1111111111111111
# Specifies your App Registration's secret key:
spring.security.oauth2.client.registration.azure.client-secret=AbCdEfGhIjKlMnOpQrStUvWxYz==
# Specifies the list of Active Directory groups to use for authorization:
azure.activedirectory.user-group.allowed-groups=Users
For a complete step-by-step guide, see here.
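The startup error's suggested action is to define the ClientRegistrationRepository bean yourself. One way to do that for the client_credentials registration in the question, as an added example that is not code from the question or the answer: the class name, the environment variable names (AZURE_TENANT_ID, AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, AZURE_SCOPE) and the use of a scope are assumptions, and the secret is read from the environment instead of being written into application.yaml.

```kotlin
import org.springframework.beans.factory.annotation.Value
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.security.oauth2.client.AuthorizedClientServiceOAuth2AuthorizedClientManager
import org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientManager
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder
import org.springframework.security.oauth2.client.registration.ClientRegistration
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository
import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository
import org.springframework.security.oauth2.core.AuthorizationGrantType

// Hypothetical configuration class: builds the "azure" registration in code
// so that the bean exists regardless of which auto-configuration is active.
@Configuration
class ExplicitAzureClientConfiguration {

    // All four values come from environment variables (assumed names), so the
    // client secret never lands in a file that is committed to source control.
    @Bean
    fun clientRegistrationRepository(
        @Value("\${AZURE_TENANT_ID}") tenantId: String,
        @Value("\${AZURE_CLIENT_ID}") clientId: String,
        @Value("\${AZURE_CLIENT_SECRET}") clientSecret: String,
        @Value("\${AZURE_SCOPE}") scope: String
    ): ClientRegistrationRepository {
        val azure = ClientRegistration.withRegistrationId("azure")
            .clientId(clientId)
            .clientSecret(clientSecret)
            .authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
            // Same token endpoint pattern as the token-uri in the question.
            .tokenUri("https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token")
            .scope(scope)
            .build()
        return InMemoryClientRegistrationRepository(azure)
    }

    // client_credentials has no end user and no HTTP request to bind to, so the
    // service-based manager is used and only that grant type is enabled.
    @Bean
    fun authorizedClientManager(registrations: ClientRegistrationRepository): OAuth2AuthorizedClientManager {
        val provider = OAuth2AuthorizedClientProviderBuilder.builder().clientCredentials().build()
        val manager = AuthorizedClientServiceOAuth2AuthorizedClientManager(
            registrations, InMemoryOAuth2AuthorizedClientService(registrations))
        manager.setAuthorizedClientProvider(provider)
        return manager
    }
}
```

Spring Security also ships reactive counterparts of these types (ReactiveClientRegistrationRepository, AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager, ServerOAuth2AuthorizedClientExchangeFilterFunction) for applications that run on WebFlux rather than the servlet stack.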