Spring Security Sping Boot 3.2.0“oauth2ResourceServer(0)”、“jwt(0)”、“cors()”和“crsf()”已弃用并标记为删除

wydwbb8l  于 12个月前  发布在  Spring
关注(0)|答案(1)|浏览(247)

你好,我有我的Sping Boot 应用程序的问题,IDE indicaates that my 'oauth2ResourceServer(C)','jwt(C)','cors()' and 'crsf()' methods are deprecated though(what I have found on the Internet)it's good approach. When I run the app it crashes. I don't know what to do,I've read manya articles but none of them solved the issue.

package com.mtcompany.ecommerceshop.config;

import com.okta.spring.boot.oauth.Okta;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.web.accept.ContentNegotiationStrategy;
import org.springframework.web.accept.HeaderContentNegotiationStrategy;

@Configuration
public class SecurityConfiguration {

    @Bean
    protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {

        
        http.authorizeHttpRequests(requests ->
                        requests
                                .requestMatchers("/api/orders/**")
                                .authenticated()
                                .anyRequest().permitAll())
                .oauth2ResourceServer()
                .jwt();

        
        http.cors();
        
        http.setSharedObject(ContentNegotiationStrategy.class, new
                HeaderContentNegotiationStrategy());

        Okta.configureResourceServer401ResponseBody(http);

        http.csrf().disable();

        return http.build();
    }

}

字符串


的数据

'oauth2ResourceServer()' is deprecated and marked for removal 
'jwt()' is deprecated and marked for removal 
'cors()' is deprecated and marked for removal
'csrf()' is deprecated and marked for removal


我的pom.xml文件:

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>3.2.0</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>
    <groupId>com.mtcompany</groupId>
    <artifactId>ecommerce-shop</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <name>ecommerce-shop</name>
    <description>Demo project for Spring Boot</description>
    <properties>
        <java.version>21</java.version>
    </properties>
    <dependencies>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springdoc</groupId>
            <artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
            <version>2.0.0</version>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-validation</artifactId>
        </dependency>

        <dependency>
            <groupId>com.okta.spring</groupId>
            <artifactId>okta-spring-boot-starter</artifactId>
            <version>3.0.2</version>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-jpa</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-rest</artifactId>
        </dependency>

        <dependency>
            <groupId>com.mysql</groupId>
            <artifactId>mysql-connector-j</artifactId>
            <scope>runtime</scope>
        </dependency>
        <dependency>
            <groupId>org.projectlombok</groupId>
            <artifactId>lombok</artifactId>
            <optional>true</optional>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
                <configuration>
                    <excludes>
                        <exclude>
                            <groupId>org.projectlombok</groupId>
                            <artifactId>lombok</artifactId>
                        </exclude>
                    </excludes>
                </configuration>
            </plugin>
        </plugins>
    </build>

</project>

balp4ylt

balp4ylt1#

根据Migration Guide配置部分以及spring-security6.2的当前版本,您必须将当前实现替换为下一个:

@Bean
  protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
    
    http.authorizeHttpRequests(requests ->
            requests
                .requestMatchers("/api/orders/**")
                .authenticated()
                .anyRequest().permitAll())
        .oauth2ResourceServer(oAuth -> oAuth.jwt(Customizer.withDefaults()))
        
    http.cors(AbstractHttpConfigurer::disable);

    http.setSharedObject(ContentNegotiationStrategy.class, new
        HeaderContentNegotiationStrategy());

    http.csrf(AbstractHttpConfigurer::disable);

    return http.build();
  }

字符串
还有关于崩溃,我猜问题在这里:

<dependency>
        <groupId>com.okta.spring</groupId>
        <artifactId>okta-spring-boot-starter</artifactId>
        <version>3.0.2</version>
    </dependency>


请尝试删除此依赖项和相关代码,然后重试。

相关问题