我有一个使用JWT的有效OAuth2身份验证服务器实现。但是,我现在想切换到使用JDBC存储(而不是JWT存储)。但是,在尝试进行切换时遇到了问题。如果我采用以下方法:
@EnableAuthorizationServer
@Configuration
public class AuthServerConfig extends AuthorizationServerConfigurerAdapter {
@Autowired
private TokenStore tokenStore;
// Bcrypt, specified in AppConfig
@Autowired
private PasswordEncoder passwordEncoder;
@Value("${spring.datasource.url}")
private String url;
@Value("${spring.datasource.username")
private String userName;
@Value("${spring.datasource.password}")
private String password;
@Value("${spring.datasource.driverClassName}")
private String driverName;
private final AppConfig appConfig;
@Autowired
private OAuthUserDetailsService userService;
private AuthenticationManager authenticationManager;
@Bean
public DataSource dataSource() {
DriverManagerDataSource dataSource = new DriverManagerDataSource();
dataSource.setDriverClassName(driverName);
dataSource.setUrl(url);
dataSource.setUsername(userName);
dataSource.setPassword(password);
return dataSource;
}
@Bean
public TokenStore tokenStore() {
return new JdbcTokenStore(dataSource());
}
我得到以下信息:
Caused by: org.springframework.beans.factory.BeanCurrentlyInCreationException: Error creating bean with name 'entityManagerFactory': Requested bean is currently in creation: Is there an unresolvable circular reference?
根据我的研究,似乎问题出在我的应用程序中也是因为我也是JPA / Hibernate(主要是为了自定义UserDetails和Roles)。举个简单的例子:
// Reference: http://www.baeldung.com/role-and-privilege-for-spring-security-registration
@Service
public class OAuthUserDetailsService implements UserDetailsService {
@Autowired
private UserRepository userRepo;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
OAuthUser user = userRepo.findByUserName(username);
if(user == null) {
throw new UsernameNotFoundException("Could not find " + username);
}
UserDetails details = new User(user.getUserName(), user.getPassword(), getGrantedAuthorities(user.getRoles()));
return details;
}
private List<GrantedAuthority> getGrantedAuthorities(List<Role> roles) {
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
if(roles != null) {
for(Role role: roles) {
authorities.add(new SimpleGrantedAuthority(role.getRoleTitle()));
}
}
return authorities; }
}
如果还使用Spring JPA,如何使用JdbcTokenStore的一种方法?我相关的application.properties如下:
spring.datasource.url=jdbc:postgresql://xxx
spring.datasource.username=x
spring.datasource.password=x
spring.datasource.driverClassName=org.postgresql.Driver
security.oauth2.resource.filter-order = 3
spring.jpa.show-sql=true
spring.jpa.properties.hibernate.jdbc.lob.non_contextual_creation=true
spring.jpa.database-platform=org.hibernate.dialect.PostgreSQLDialect
感谢您的指导。