我正在尝试使用Spring Boot配置OAuth2客户端。我有以下依赖项：

<dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-security</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-webflux</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-oauth2-client</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-oauth2-jose</artifactId>
    </dependency>

并且我已经将这些属性添加到我的应用程序中。yaml：

security:
    oauth2:
      client:
        registration:
          azure:
            client-id:****
            client-secret:****
            authorization-grant-type: client_credentials
        provider:
          azure:
            authorization-uri: https://login.microsoftonline.com/2fdb7e27-9b62-44f7-a0fe-9836eaa1f161/oauth2/v2.0/authorize
            token-uri: https://login.microsoftonline.com/2fdb7e27-9b62-44f7-a0fe-9836eaa1f161/oauth2/v2.0/token
            jwk-set-uri: https://login.microsoftonline.com/2fdb7e27-9b62-44f7-a0fe-9836eaa1f161/discovery/v2.0/keys

根据我在Spring文档中的理解，这应该足以自动配置一个客户端注册存储库(“Spring Boot2.x自动配置将spring.security.oauth2.client.registration.[registrationId]下的每个属性绑定到一个客户端注册示例，然后在一个客户端注册存储库中组合每个客户端注册示例。该自动配置还将客户端注册存储库注册为应用程序上下文中的@Bean，以便在应用程序需要时可以进行依赖项注入。”

我有以下代码：

package com.sky.bnc.azurespring

import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientManager
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository
import org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager
import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository
import org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction
import org.springframework.web.reactive.function.client.WebClient

@Configuration
class WebConfiguration {

    @Bean
    fun authorizedClientManager(clientRegistrationRepository: ClientRegistrationRepository, authorizedClientRepository: OAuth2AuthorizedClientRepository): OAuth2AuthorizedClientManager {
        val authorizedClientProvider = OAuth2AuthorizedClientProviderBuilder
                .builder()
                .authorizationCode()
                .refreshToken()
                .clientCredentials()
                .build()

        val authorizedClientManager = DefaultOAuth2AuthorizedClientManager(clientRegistrationRepository, authorizedClientRepository)
        authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider)

        return authorizedClientManager
    }

    @Bean
    fun webClient(authorizedClientManager: OAuth2AuthorizedClientManager): WebClient {
        val oauth2Client = ServletOAuth2AuthorizedClientExchangeFilterFunction(authorizedClientManager)
        oauth2Client.setDefaultClientRegistrationId("azure")

        return WebClient
                .builder()
                .apply(oauth2Client.oauth2Configuration())
                .build()
    }
}

但是，当我尝试运行该应用程序时，我收到以下错误：

APPLICATION FAILED TO START

***************************

Description:

Parameter 0 of method authorizedClientManager in com.sky.bnc.azurespring.WebConfiguration required a bean of type 'org.springframework.security.oauth2.client.registration.ClientRegistrationRepository' that could not be found.

Action:

Consider defining a bean of type 'org.springframework.security.oauth2.client.registration.ClientRegistrationRepository' in your configuration.

Process finished with exit code 1

我不明白问题出在哪里，我遵循了很多例子，看起来它应该是有效的。

您面临的问题是Applation.yaml文件中的配置造成的。请检查一下都是正确的。

由于您要为Azure AD实施OAuth，因此配置必须如下所示，


# Specifies your Active Directory ID:

azure.activedirectory.tenant-id=22222222-2222-2222-2222-222222222222

# Specifies your App Registration's Application ID:

spring.security.oauth2.client.registration.azure.client-id=11111111-1111-1111-1111-1111111111111111

# Specifies your App Registration's secret key:

spring.security.oauth2.client.registration.azure.client-secret=AbCdEfGhIjKlMnOpQrStUvWxYz==

# Specifies the list of Active Directory groups to use for authorization:

azure.activedirectory.user-group.allowed-groups=Users

有关完整的分步指南，请参阅here。

4条答案

按热度按时间

jhiyze9q1#

ClientRegistrationRepository指的是OAuth客户端在阻塞环境中的配置，而不是被动配置。如果您构建的应用程序是完全被动的，请考虑使用ReactiveClientRegistrationRepository实现。Spring Security Project有一个example project，说明如何使用它。

然而，您仍然可以在同一个应用程序中混合使用React式和阻塞式方法，尽管不是很推荐，但仍然有这样的用例。为此，您只需要添加spring-boot-starter-web依赖项，以便将阻塞Servlet实现添加到类路径中。您可以观看使用此方法的this talk。

赞(0）回复(0）举报 2022-09-21

w6mmgewl2#

定义以下属性：

1.azure.active目录.客户端id=
1.azure.active目录.客户端机密=
1.azure.active目录.租户-id=
1.azure.activedirectory.authorization-clients.graph.scopes=https://graph.microsoft.com/Analytics.Read，邮箱

a14dhokn3#

des4xlb04#

缩进问题，

spring:
 security:

编号：click here

未找到ClientRegistrationRepository Bean

4条答案

相关问题

热门标签

最新问答