Question

我有一个使用OAuth2的Spring Boot应用程序并在Spring Boot 2.0.0.M2中成功运行我将Spring Boot版本切换到2.0.0.M7并且应用程序停止运行。

经过一些调试，我发现该类＆＃39; org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration＆＃39;从神器＆spring; boot-autoconfigure＆＃39;中删除在2.0.0.M7中进行了以下初始化...

@Bean
        @ConditionalOnMissingBean(ResourceServerTokenServices.class)
        public UserInfoTokenServices userInfoTokenServices() {
            UserInfoTokenServices services = new UserInfoTokenServices(
                    this.sso.getUserInfoUri(), this.sso.getClientId());
            services.setRestTemplate(this.restTemplate);
            services.setTokenType(this.sso.getTokenType());
            if (this.authoritiesExtractor != null) {
                services.setAuthoritiesExtractor(this.authoritiesExtractor);
            }
            if (this.principalExtractor != null) {
                services.setPrincipalExtractor(this.principalExtractor);
            }
            return services;
        }

现在已删除此类，不会进行初始化，并且＆＃39; DefaultTokenServices＆＃39;在类中初始化＆＃39; org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer＆＃39;我的申请失败了。

private ResourceServerTokenServices tokenServices(HttpSecurity http) {
    if (resourceTokenServices != null) {
        return resourceTokenServices;
    }
    DefaultTokenServices tokenServices = new DefaultTokenServices();
    tokenServices.setTokenStore(tokenStore());
    tokenServices.setSupportRefreshToken(true);
    tokenServices.setClientDetailsService(clientDetails());
    this.resourceTokenServices = tokenServices;
    return tokenServices;
}

有人知道为什么要删除这个类，还是有替代它？

感谢答案......

Answer 1

似乎自动配置将这些配置委托给Spring Security 5，直到它准备就绪，它们提供了一个临时的jar文件，可以实现以下问题所能达到的旧功能......

https://github.com/spring-projects/spring-security-oauth/issues/1240

ResourceServerTokenServicesConfiguration在Spring Boot 2.0.0.M7

1 个答案: