Question

我有一个用Kotlin实现的Spring Boot App（2.1.6）。是一个Rest API，希望将oAuth 2与Keycloak结合使用。我的Java代码中的代码可以编译：

package com.oesia.mako.config.security;

import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.oauth2.client.OAuth2RestTemplate;
import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;

@Configuration
@EnableWebSecurity
@EnableResourceServer
@EnableGlobalMethodSecurity(prePostEnabled = true)
@ConditionalOnProperty(prefix = "rest.security", value = "enabled", havingValue = "true")
@Import({SecurityProperties.class})
public class SecurityConfigurer extends ResourceServerConfigurerAdapter {

  @Autowired
  private ResourceServerProperties resourceServerProperties;

  @Autowired
  private SecurityProperties securityProperties;

  @Override
  public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
    resources.resourceId(resourceServerProperties.getResourceId());
  }


  @Override
  public void configure(final HttpSecurity http) throws Exception {

    http.cors()
        .configurationSource(corsConfigurationSource())
        .and()
        .headers()
        .frameOptions()
        .disable()
        .and()
        .csrf()
        .disable()
        .authorizeRequests()
        .antMatchers(securityProperties.getApiMatcher())
        .authenticated();

  }

  @Bean
  public CorsConfigurationSource corsConfigurationSource() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    if (null != securityProperties.getCorsConfiguration()) {
      source.registerCorsConfiguration("/**", securityProperties.getCorsConfiguration());
    }
    return source;
  }

  @Bean
  public JwtAccessTokenCustomizer jwtAccessTokenCustomizer(ObjectMapper mapper) {
    return new JwtAccessTokenCustomizer(mapper);
  }

  @Bean
  public OAuth2RestTemplate oauth2RestTemplate(OAuth2ProtectedResourceDetails details) {
    OAuth2RestTemplate oAuth2RestTemplate = new OAuth2RestTemplate(details);

    //Prepare by getting access token once
    oAuth2RestTemplate.getAccessToken();
    return oAuth2RestTemplate;
  }
}

当我转换为Kotlin时，出现语法错误：

package com.oesia.mako.config.security

import com.fasterxml.jackson.databind.ObjectMapper
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty
import org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.context.annotation.Import
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity
import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.oauth2.client.OAuth2RestTemplate
import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer
import org.springframework.web.cors.CorsConfigurationSource
import org.springframework.web.cors.UrlBasedCorsConfigurationSource

@Configuration
@EnableWebSecurity
@EnableResourceServer
@EnableGlobalMethodSecurity(prePostEnabled = true)
@ConditionalOnProperty(prefix = "rest.security", value = ["enabled"], havingValue = "true")
@Import({SecurityProperties.class})
class SecurityConfigurer : ResourceServerConfigurerAdapter() {
    @Autowired
    private val resourceServerProperties: ResourceServerProperties? = null
    @Autowired
    private val securityProperties: SecurityProperties? = null

    @Throws(Exception::class)
    override fun configure(resources: ResourceServerSecurityConfigurer) {
        resources.resourceId(resourceServerProperties!!.resourceId)
    }

    @Throws(Exception::class)
    override fun configure(http: HttpSecurity) {
        http.cors()
                .configurationSource(corsConfigurationSource())
                .and()
                .headers()
                .frameOptions()
                .disable()
                .and()
                .csrf()
                .disable()
                .authorizeRequests()
                .antMatchers(securityProperties!!.apiMatcher)
                .authenticated()
    }

    @Bean
    fun corsConfigurationSource(): CorsConfigurationSource {
        val source = UrlBasedCorsConfigurationSource()
        if (securityProperties?.corsConfiguration != null) {
            source.registerCorsConfiguration("/**", securityProperties.corsConfiguration);
        }
        return source
    }

    @Bean
    fun jwtAccessTokenCustomizer(mapper: ObjectMapper): JwtAccessTokenCustomizer {
        return JwtAccessTokenCustomizer(mapper)
    }

    @Bean
    fun oauth2RestTemplate(details: OAuth2ProtectedResourceDetails): OAuth2RestTemplate {
        val oAuth2RestTemplate = OAuth2RestTemplate(details)
        oAuth2RestTemplate.accessToken
        return oAuth2RestTemplate
    }
}

错误在注释导入行中：

@Import({SecurityProperties.class})

我使用IntelliJ CE将代码从Java转换为Kotlin。消息是：

> Task :compileKotlin
e: D:\Workspaces\CleanArchitecture\mako\src\main\customized\kotlin\com\oesia\mako\config\security\SecurityConfigurer.kt: (26, 34): Name expected

谢谢。

Answer 1

我猜想将Java代码转换为Kotlin的工具并不总是有效。在这种情况下，@Import是用Java定义的，并且需要一个类数组，您可以通过传递vararg KClass在Kotlin中使用它（实际上仅适用于注释的value字段，否则您需要传递适当的数组。更多信息here）。

换句话说，您需要将代码更改为：@Import(SecurityProperties::class)。

编辑：似乎此问题已在多年前报告并解决：KT-10545。我还尝试将您的Java代码转换为机器上的Kotlin（使用Kotlin 1.3.41），并且@Import语句已正确生成。

有趣的事情发生了。 @ConditionalOnProperty行已转换为此：

@ConditionalOnProperty(prefix = "rest.security", value = "enabled", havingValue = "true")

不能编译为“禁止将单个元素以命名形式分配给varargs”。我很想知道它是否为回归值，因为它在您的代码段中看起来是正确的。

在Kotlin中的导入批注中应使用的名称

1 个答案: