使用@ EnableOAuth2Client无法正常配置OAuth2客户端

时间:2016-12-30 07:56:48

标签: java spring spring-oauth2

我正在关注this教程,从官方的春季文档到使用@EnableOAuth2Client手动配置OAuth2客户端。由于某种原因,它无法正常工作。当我运行该应用并访问http://localhost:8080/login时,我会看到基本表单登录而不是Google登录选项。 (由于我的使用案例,我需要使这个手动配置工作。)

但是@EnableOauth2Sso代码在我不使用OAuth2AuthenticationProcessingFilters进行任何手动配置的情况下正常工作。在这种情况下,我在访问我的登录页面时获得谷歌登录选项。有人可以帮帮我吗。我添加了以下代码:

这是@EnableOAuth2Sso,效果很好

@Configuration
@EnableWebSecurity
@EnableOAuth2Sso
@PropertySource({ "classpath:/oauth2.properties" })
@EnableGlobalMethodSecurity(prePostEnabled = true, jsr250Enabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    OAuth2ClientContext oauth2ClientContext;

    @Value("${security.oauth2.resource.userInfoUri}")
    String userInfoUri;

    @Value("${security.oauth2.client.clientId}")
    String clientId;

    @Bean
    public RequestContextListener requestContextListener() {
        return new RequestContextListener();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        super.configure(http);
//      http.antMatcher("/**").addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
    }
}

这是@EnableOAuth2Client,它不起作用,而是我登录表单

@Configuration
@EnableWebSecurity
@EnableOAuth2Client
@PropertySource({ "classpath:/oauth2.properties" })
@EnableGlobalMethodSecurity(prePostEnabled = true, jsr250Enabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    OAuth2ClientContext oauth2ClientContext;

    @Value("${security.oauth2.resource.userInfoUri}")
    String userInfoUri;

    @Value("${security.oauth2.client.clientId}")
    String clientId;

    @Bean
    public RequestContextListener requestContextListener() {
        return new RequestContextListener();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        super.configure(http);
        http.antMatcher("/**").addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
    }

    private Filter ssoFilter() {
        OAuth2ClientAuthenticationProcessingFilter googleFilter = new OAuth2ClientAuthenticationProcessingFilter("/login");
        OAuth2RestTemplate googleTemplate = new OAuth2RestTemplate(google(), oauth2ClientContext);
        googleFilter.setRestTemplate(googleTemplate);
        googleFilter.setTokenServices(new UserInfoTokenServices(googleResource().getUserInfoUri(), google().getClientId()));
        return googleFilter;
    }

    @Bean
    @ConfigurationProperties("security.oauth2.client")
    public AuthorizationCodeResourceDetails google() {
        return new AuthorizationCodeResourceDetails();
    }

    @Bean
    @ConfigurationProperties("security.oauth2.resource")
    public ResourceServerProperties googleResource() {
        return new ResourceServerProperties();
    }

    @Bean
    public FilterRegistrationBean oauth2ClientFilterRegistration(
            OAuth2ClientContextFilter filter) {
        FilterRegistrationBean registration = new FilterRegistrationBean();
        registration.setFilter(filter);
        registration.setOrder(-100);
        return registration;
    }

}

1 个答案:

答案 0 :(得分:6)

我会说super.configure(http)的电话可能是问题所在。

来自javadoc:

  

通常,子类不应该通过调用super来调用此方法,因为它可能会覆盖它们的配置。“