我正在使用Spring Boot和Spring Cloud设置微服务应用程序,并希望添加oauth2身份验证。
我将Java 11和module-info用于jar依赖项,但未能在Eclipse上作为Spring Boot应用程序运行。我能够用Maven进行编译。
ResourceServer配置:
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
import com.XXXXXXX.config.ApplicationPropertiesConfiguration;
@Configuration
@EnableResourceServer
public class CustomResourceServerConfiguration extends ResourceServerConfigurerAdapter {
@Autowired
private ApplicationPropertiesConfiguration applicationPropertiesConfiguration;
@Override
public void configure(HttpSecurity http) throws Exception {
http.csrf().disable().anonymous().and().authorizeRequests().antMatchers("/newaccountbook", "/api/param/**")
.permitAll().anyRequest().authenticated();
}
@Bean
@Primary
public ResourceServerTokenServices tokenServices() {
final RemoteTokenServices remoteTokenServices = new RemoteTokenServices();
remoteTokenServices.setClientId(applicationPropertiesConfiguration.getOauthClientId());
remoteTokenServices.setClientSecret(applicationPropertiesConfiguration.getOauthClientSecret());
remoteTokenServices.setCheckTokenEndpointUrl(applicationPropertiesConfiguration.getCheckTokenUrl());
return remoteTokenServices;
}
}
module-info.java:
requires commons.lang;
requires feign.core;
requires jackson.annotations;
requires java.annotation;
requires java.persistence;
requires java.sql;
requires java.transaction;
requires java.validation;
requires opencsv;
requires org.hibernate.orm.core;
requires org.hibernate.validator;
requires org.mapstruct;
requires slf4j.api;
requires spring.beans;
requires spring.boot;
requires spring.boot.autoconfigure;
requires spring.cloud.commons;
requires spring.cloud.context;
requires spring.cloud.openfeign.core;
requires spring.context;
requires spring.core;
requires spring.data.commons;
requires spring.data.jpa;
requires spring.orm;
requires spring.security.config;
requires spring.security.oauth2;
requires spring.security.web;
requires spring.tx;
requires spring.web;
requires spring.webmvc;
requires tomcat.embed.core;
pom.xml
修改:添加Spring Cloud版本
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.1.6.RELEASE</version>
<relativePath /> <!-- lookup parent from repository -->
</parent>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<java.version>11</java.version>
<maven.compiler.source>${java.version}</maven.compiler.source>
<maven.compiler.target>${java.version}</maven.compiler.target>
<spring-cloud.version>Greenwich.SR2</spring-cloud.version>
<org.mapstruct.version>1.2.0.Final</org.mapstruct.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-properties-migrator</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.mapstruct</groupId>
<artifactId>mapstruct</artifactId> <!-- use mapstruct-jdk8 for Java 8 or higher -->
<version>${org.mapstruct.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-config</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-sleuth</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-zipkin</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-openfeign</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
<scope>runtime</scope>
<optional>true</optional>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-configuration-processor</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-oauth2</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-security</artifactId>
</dependency>
<dependency>
<groupId>com.opencsv</groupId>
<artifactId>opencsv</artifactId>
<version>4.5</version>
</dependency>
</dependencies>
Caused by: java.lang.ClassNotFoundException: org.springframework.boot.autoconfigure.security.oauth2.resource.OAuth2ResourceServerConfiguration$ResourceServerCondition
at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:583) ~[na:na]
at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:178) ~[na:na]
at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:521) ~[na:na]
at org.springframework.boot.devtools.restart.classloader.RestartClassLoader.loadClass(RestartClassLoader.java:144) ~[spring-boot-devtools-2.1.6.RELEASE.jar:2.1.6.RELEASE]
at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:521) ~[na:na]
at java.base/java.lang.Class.forName0(Native Method) ~[na:na]
at java.base/java.lang.Class.forName(Class.java:398) ~[na:na]
at spring.core@5.1.8.RELEASE/org.springframework.util.ClassUtils.forName(ClassUtils.java:275) ~[spring-core-5.1.8.RELEASE.jar:na]
at spring.core@5.1.8.RELEASE/org.springframework.util.ClassUtils.resolveClassName(ClassUtils.java:315) ~[spring-core-5.1.8.RELEASE.jar:na]
答案 0 :(得分:0)
首先, OAuth2不会进行身份验证,它是授权第三者从资源服务器访问私有信息。
如果要实现OAuth2流程,则需要拥有资源服务器,授权者,并且第三个系统将访问该信息。
这里有更多信息:
https://www.digitalocean.com/community/tutorials/an-introduction-to-oauth-2
在您的项目中,您需要添加OAuth2依赖项。
<dependency>
<groupId>org.springframework.security.oauth</groupId>
<artifactId>spring-security-oauth2</artifactId>
<version>${springsecurityoauth2.version}</version>
</dependency>