java - Spring启动OAuth2实现: NoSuchBeanDefinitionException: No qualifying bean of type AuthenticationManager

Question

org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'authorizationServerConfig': Unsatisfied dependency expressed through field 'authenticationManager'; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type 'org.springframework.security.authentication.AuthenticationManager' available: expected at least 1 bean which qualifies as autowire candidate. Dependency annotations: {@org.springframework.beans.factory.annotation.Autowired(required=true)}

您好，我有 spring-boot web 应用程序，我正在尝试按照以下示例使用 Spring Security 和 OAuth2 实现登录/授权身份验证系统:https://www.youtube.com/watch?v=dTAgI_UsqMg&t=1307s

一切都很好，但是当我运行我的应用程序时，我收到异常，说它无法找到 AuthenticationManager 的 bean，即使它在那里并且 Autowiring 。

浏览互联网，这似乎是 Oauth2 的一个已知或常见问题，但我找不到正确的解决方法

有些人建议“公开”AuthenticationManager bean，我不确定这在这种情况下意味着什么

这是我当前在 github 上的项目的链接:https://github.com/chenchi13/spring-boot-cms

谁能帮我解决这个问题吗？

抛出异常的类:

@EnableResourceServer
@Configuration                                                      
public class ResourceServerConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private AuthenticationManager authenticationManager;
    @Autowired
    private UserDetailsService customUserDetailService;

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        http.requestMatchers()
                .antMatchers("/login", "/oauth/authorize")
                .and()
                .authorizeRequests()
                .anyRequest()
                .authenticated()
                .and()
                .formLogin()
                .permitAll();
    }


    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {

        //auth.parentAuthenticationManager(authenticationManager)
        //        .inMemoryAuthentication()
        //        .withUser("Peter")
        //        .password("peter")
        //        .roles("USER");

        auth.parentAuthenticationManager(authenticationManager)
                .userDetailsService(customUserDetailService);
    }
}

授权服务器配置:

@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private AuthenticationManager authenticationManager;

    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {

        security.tokenKeyAccess("permitAll()")
                .checkTokenAccess("isAuthenticated()");
    }


    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients
                .inMemory()
                .withClient("ClientId")
                .secret("secret")
                .authorizedGrantTypes("authorization_code")
                .scopes("user_info")
                .autoApprove(true);
    }


    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {

        endpoints.authenticationManager(authenticationManager);
    }
}

Answer 1

从 ResourceServerConfig 中删除以下内容:

@Autowired
private AuthenticationManager authenticationManager;

并更改配置方法，如下所示:

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.userDetailsService(customUserDetailService);
}

还要重写 ResourceServerConfig 中的以下方法:

@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
    return super.authenticationManagerBean();
}

这应该可以解决您的问题。