为什么我的spring @bean从未实例化?

时间:2016-03-08 12:30:30

标签: java spring spring-mvc

我有一个豆子:

@Bean
public FilterRegistrationBean oauth2ClientFilterRegistration(
        OAuth2ClientContextFilter filter) {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    registration.setFilter(filter);
    registration.setOrder(-100);
    return registration;
}

但由于某种原因,它永远不会被调用。我正在遵循这些说明(https://spring.io/guides/tutorials/spring-boot-oauth2/#_social_login_manual)并在我的配置类中包含以下代码。 

@Configuration
@EnableOAuth2Client
public class OAuthConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    OAuth2ClientContext oauth2ClientContext;

    @Bean
    @ConfigurationProperties("security.oauth2.client")
    OAuth2ProtectedResourceDetails oauth2() {
        return new AuthorizationCodeResourceDetails();
    }

    @Bean
    @ConfigurationProperties("security.oauth2.resource")
    ResourceServerProperties oauth2Resource() {
        return new ResourceServerProperties();
    }

    @Bean
    public FilterRegistrationBean oauth2ClientFilterRegistration(
            OAuth2ClientContextFilter filter) {
        FilterRegistrationBean registration = new FilterRegistrationBean();
        registration.setFilter(filter);
        registration.setOrder(-100);
        return registration;
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .antMatcher("/**")
            .authorizeRequests()//starts chain for restricting access
                .antMatchers("/", "/login**", "/webjars/**")//maps requests at these paths
                    .permitAll()//urls are allowed by anyone
                .anyRequest()//maps any request
                    .authenticated()//urls are allowed by any authenticated user
            .and().addFilterBefore(ssoFilter(oauth2(), oauth2Resource()), BasicAuthenticationFilter.class);
    }

    private Filter ssoFilter(OAuth2ProtectedResourceDetails resource, ResourceServerProperties properties) {
        OAuth2ClientAuthenticationProcessingFilter filter = new OAuth2ClientAuthenticationProcessingFilter("/login/oauth2");
        OAuth2RestTemplate template = new OAuth2RestTemplate(resource, oauth2ClientContext);
        filter.setRestTemplate(template);
        filter.setTokenServices(new UserInfoTokenServices(properties.getUserInfoUri(), resource.getClientId()));
        return filter;
    }
}

它上面的另外两个bean(oauth2和oauth2Resource)在应用程序启动时调用,但oauth2ClientFilterRegistration bean永远不会被调用(根据教程,它应该)。

任何人都可以帮助我理解为什么(我对Spring和Spring Boot很新)?

更新1:

我的application.yml如下所示:

security:
  oauth2:
    client:
      clientId: 233668646673605
      clientSecret: 33b17e044ee6a4fa383f46ec6e28ea1d
      accessTokenUri: https://graph.facebook.com/oauth/access_token
      userAuthorizationUri: https://www.facebook.com/dialog/oauth
      tokenName: oauth_token
      authenticationScheme: query
      clientAuthenticationScheme: form
    resource:
      userInfoUri: https://graph.facebook.com/me

logging:
  level:
    org.springframework.security: DEBUG

spring:
  resources:
    chain:
      enabled: true

如果我将第二行更改为:

facebook:

而不是:

oauth2:

然后突然在启动时调用'oauth2ClientFilterRegistration'。

为什么会有所作为?巫术?

1 个答案:

答案 0 :(得分:1)

文档声明:"我们已经有了一个安全的应用程序,所以这只是添加@EnableAuthorizationServer注释"。

添加:

@SpringBootApplication
@RestController
@EnableOAuth2Client
@EnableAuthorizationServer
public class SocialApplication extends WebSecurityConfigurerAdapter {
   ...
}

一旦您添加了该配置以使您的应用成为OAuth2服务器,您就可以配置您接受的客户端:"使用新的注释Spring Boot将安装所有必要的端点并设置他们的安全性,前提是我们提供了一些我们想要支持的OAuth2客户端的详细信息。

所以指定" facebook"表示facebook是OAuth2提供者,而使用" oauth2"表示您的应用成为OAuth2提供商。

相关问题
最新问题