Spring OAuth2令牌请求中的StackOverflowError

时间:2016-05-11 09:45:50

标签: java spring spring-security oauth spring-security-oauth2

我在使用Spring实现OAuth2时遇到问题......

这是我与安全相关的配置:

@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

@Override
public final void configure(final HttpSecurity http) throws Exception {
    http.csrf().disable();
    http.authorizeRequests().antMatchers("/oauth/token").anonymous();
    http.authorizeRequests()
        .antMatchers("/**").fullyAuthenticated();
}

@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
    return super.authenticationManagerBean();
}

@Configuration
@EnableAuthorizationServer
protected static class OAuth2Config extends AuthorizationServerConfigurerAdapter {

    @Autowired
    @Qualifier("authenticationManagerBean")
    private AuthenticationManager authenticationManager;

    @Autowired
    private IUserService customUserService;

    @Bean
    public UserDetailsService userDetailsService() {
        return customUserService;
    }

    @Autowired
    private IClientOAuth2DetailsService customClientDetailsService;

    @Bean
    public ClientDetailsService clientDetailsService() throws Exception {
        return customClientDetailsService;
    }

    @Override
    public final void configure(final AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints.authenticationManager(authenticationManager);
    }

    @Override
    public final void configure(final ClientDetailsServiceConfigurer clients) throws Exception {
        clients.withClientDetails(clientDetailsService());
    }
}
}

就像你看到的那样,我自己实现了ClientDetailsS​​ervice:

private ClientDetailsService internalClientDetailsService;

public ClientOAuth2DetailsServiceImpl() throws Exception {
            internalClientDetailsService = new InMemoryClientDetailsServiceBuilder().withClient("admin")
                .secret("admin")
                .authorizedGrantTypes("password")
                .authorities("ROLE_CLIENT")
            .and()
            .build();
}

@Override
public final ClientDetails loadClientByClientId(final String client) throws ClientRegistrationException {
    return internalClientDetailsService.loadClientByClientId(client);
}

我在Chrome中使用Postman扩展来测试oauth / token请求: Postman Petition

当我发送请求时,似乎ClientDetailsS​​ervice工作正常,但在返回ClientDetails后,我总是得到这个堆栈跟踪:

java.lang.StackOverflowError: null
    at java.lang.ReflectiveOperationException.<init>(Unknown Source) ~[na:1.8.0_45]
    at java.lang.reflect.InvocationTargetException.<init>(Unknown Source) ~[na:1.8.0_45]
    at sun.reflect.GeneratedMethodAccessor34.invoke(Unknown Source) ~[na:na]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[na:1.8.0_45]
    at java.lang.reflect.Method.invoke(Unknown Source) ~[na:1.8.0_45]
    at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:302) ~[spring-aop-4.2.2.RELEASE.jar:4.2.2.RELEASE]
    at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:201) ~[spring-aop-4.2.2.RELEASE.jar:4.2.2.RELEASE]
    at com.sun.proxy.$Proxy67.authenticate(Unknown Source) ~[na:na]
    at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:192) ~[spring-security-core-4.0.3.RELEASE.jar:4.0.3.RELEASE]
    at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter$AuthenticationManagerDelegator.authenticate(WebSecurityConfigurerAdapter.java:436) ~[spring-security-config-3.2.8.RELEASE.jar:3.2.8.RELEASE]
    at sun.reflect.GeneratedMethodAccessor34.invoke(Unknown Source) ~[na:na]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[na:1.8.0_45]
    at java.lang.reflect.Method.invoke(Unknown Source) ~[na:1.8.0_45]
    at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:302) ~[spring-aop-4.2.2.RELEASE.jar:4.2.2.RELEASE]
    at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:201) ~[spring-aop-4.2.2.RELEASE.jar:4.2.2.RELEASE]
    at com.sun.proxy.$Proxy67.authenticate(Unknown Source) ~[na:na]
    at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:192) ~[spring-security-core-4.0.3.RELEASE.jar:4.0.3.RELEASE]

我不明白为什么......我缺少什么?

谢谢!

2 个答案:

答案 0 :(得分:0)

解决!

我缺少此方法,您必须配置AuthenticationManager:

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    ...
}

答案 1 :(得分:0)

通过更改此方法authenticationManagerBean解决

@Bean
    @Override
    public AuthenticationManager authenticationManager() throws Exception {
        return super.authenticationManager();
    }

---修复--- 

@Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }
相关问题
最新问题