azure - 为什么客户端 ID 和客户端 key 没有注入(inject)到 OAuth2ClientProperties 中?

标签 azure spring-boot spring-security active-directory spring-security-oauth2

我有 spring-boot 应用程序,使用 Azure AD 作为 OAuth2 提供程序。这是我的 application.yml 文件:

server:
  port: 8080
  address: localhost
security:
  oauth2:
    client:
      registration:
        azure:
          client-id: XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
          client-secret: ?h?_XXXXXXXXXXXXXXXXXXXXXXXX
azure:
  cosmosdb:
    uri: https://myapp.documents.azure.com:443/
    key: ${COSMOSDB_KEY}
    database: Core
  activedirectory:
    tenant-id: ${TENANT_ID}
    user-group:
      allowed-group: user-group

正如您所见,我在开放状态下使用 client-id 和 client-secret (不是通过环境变量),但它仍然不起作用。

这是我的 gradle 构建文件:

plugins {
    id 'org.springframework.boot' version '2.2.6.RELEASE'
    id 'io.spring.dependency-management' version '1.0.9.RELEASE'
    id 'java'
}

group = 'group'
version = '0.0.1-SNAPSHOT'
sourceCompatibility = '11'

configurations {
    compileOnly {
        extendsFrom annotationProcessor
    }
}

repositories {
    mavenCentral()
    jcenter()
}

ext {
    set('azureVersion', "2.2.0")
}

dependencies {
//    Web
    implementation 'org.modelmapper:modelmapper:2.3.7'
    implementation 'org.springframework.boot:spring-boot-starter-web'

//    Azure
    implementation 'com.microsoft.azure:azure-spring-boot-starter'
    implementation 'com.microsoft.azure:azure-cosmosdb-spring-boot-starter'
    implementation 'com.microsoft.azure:azure-active-directory-spring-boot-starter'

//    OpenAPI
    implementation 'org.springdoc:springdoc-openapi-ui:1.3.7'
    implementation 'org.springdoc:springdoc-openapi-webmvc-core:1.3.7'

//    Security
    implementation 'org.springframework.boot:spring-boot-starter-security'
    implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'
    implementation 'org.springframework.boot:spring-boot-starter-oauth2-client'

//    Lombok
    compileOnly 'org.projectlombok:lombok'
    annotationProcessor 'org.projectlombok:lombok'
    testCompileOnly 'org.projectlombok:lombok'
    testAnnotationProcessor 'org.projectlombok:lombok'

//    Tests
    testImplementation('org.springframework.boot:spring-boot-starter-test') {
        exclude group: 'org.junit.vintage', module: 'junit-vintage-engine'
    }
    testImplementation 'org.springframework.security:spring-security-test'
}

dependencyManagement {
    imports {
        mavenBom "com.microsoft.azure:azure-spring-boot-bom:${azureVersion}"
    }
}

test {
    useJUnitPlatform()
}

我的安全配置:

@Slf4j
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    public void configure(WebSecurity web) {
        web
                .ignoring()
                .antMatchers("/webjars/**", "/favicon.ico");
    }

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                .anyRequest().authenticated()
                .and()
                .formLogin()
                .loginPage("/login")
                .failureUrl("/login-error")
                .permitAll()
                .and()
                .oauth2Client();
    }
}

我在启动过程中收到以下错误:

Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.springframework.boot.autoconfigure.web.servlet.WebMvcAutoConfiguration$EnableWebMvcConfiguration': Unsatisfied dependency expressed through method 'setConfigurers' parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.springframework.security.config.annotation.web.configuration.OAuth2ClientConfiguration$OAuth2ClientWebMvcSecurityConfiguration': Unsatisfied dependency expressed through method 'setClientRegistrationRepository' parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'clientRegistrationRepository' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/client/servlet/OAuth2ClientRegistrationRepositoryConfiguration.class]: Unsatisfied dependency expressed through method 'clientRegistrationRepository' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'spring.security.oauth2.client-org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties': Invocation of init method failed; nested exception is java.lang.IllegalStateException: Client id must not be empty.

Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.springframework.security.config.annotation.web.configuration.OAuth2ClientConfiguration$OAuth2ClientWebMvcSecurityConfiguration': Unsatisfied dependency expressed through method 'setClientRegistrationRepository' parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'clientRegistrationRepository' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/client/servlet/OAuth2ClientRegistrationRepositoryConfiguration.class]: Unsatisfied dependency expressed through method 'clientRegistrationRepository' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'spring.security.oauth2.client-org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties': Invocation of init method failed; nested exception is java.lang.IllegalStateException: Client id must not be empty.

Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'clientRegistrationRepository' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/client/servlet/OAuth2ClientRegistrationRepositoryConfiguration.class]: Unsatisfied dependency expressed through method 'clientRegistrationRepository' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'spring.security.oauth2.client-org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties': Invocation of init method failed; nested exception is java.lang.IllegalStateException: Client id must not be empty.

Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'spring.security.oauth2.client-org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties': Invocation of init method failed; nested exception is java.lang.IllegalStateException: Client id must not be empty.

Caused by: java.lang.IllegalStateException: Client id must not be empty.

我在这里缺少什么?

最佳答案

我忘记向 security 属性添加 spring. 前缀。它应该看起来像这样:

security:
  oauth2:
    client:
      registration:
        azure:
          client-id: XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
          client-secret: ?h?_XXXXXXXXXXXXXXXXXXXXXXXX

此外,我的 azure 属性也不正确:我需要使用 allowed-groups 而不是 allowed-group

关于azure - 为什么客户端 ID 和客户端 key 没有注入(inject)到 OAuth2ClientProperties 中?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/61638235/

上一篇:python - 适用于 Azure CosmosDB 的 Gremlin Python SDK

下一篇:Azure 服务总线 - 如何将元数据添加到消息中

相关文章:

azure - Azure Synapse 中的外部表列不允许使用 NOT NULL

java - CommandLineRunner 不会向用户添加角色

spring - 测试 MockBean 为空

spring-security - 升级到 springBootVersion = '1.3.3.RELEASE' 后使用 RestTemplate 出现异常

azure - 使用 ADF 复制 Azure SQL DW 中的数据(根据文档,使用 Polybase 进行分阶段复制不起作用)

azure - Azure Active Directory 中的简单目录查找

Spring boot @Decimalmin 和 @Decimalmax 不在请求中工作

java - 在 Spring Security 中手动过期(失效)后 session 不会被销毁

java - Spring security 阻止用户操纵 url

azure - 交互式集群与 SQL 仓库连接到 Power BI

©2024 IT工具网  联系我们