我使用spring boot oauth 2创建了一个授权。我无法从数据库中获取访问令牌。
我的授权服务器:
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
@Autowired
private PasswordEncoder passwordEncoder;
@Autowired
private AuthenticationManager authenticationManager;
@Autowired
private PropertyConfiguration propertyConfiguration;
@Override
public void configure(final AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
oauthServer.tokenKeyAccess("permitAll()")
.checkTokenAccess("isAuthenticated()");
}
@Override
public void configure(final ClientDetailsServiceConfigurer clients) throws Exception {
clients.inMemory()
.withClient(propertyConfiguration.getPasswordId())
.secret(passwordEncoder.encode(propertyConfiguration.getPasswordSecret()))
.authorizedGrantTypes("password")
.scopes(SCOPE_WRITE)
.autoApprove(true);
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints
.tokenStore(tokenStore())
.authenticationManager(authenticationManager);
}
@Bean
public TokenStore tokenStore() {
return new InMemoryTokenStore();
}
我的主班:
@SpringBootApplication
@EntityScan(basePackages = "com.kazi.core.entities")
public class OAuthApplication {
@Bean
public UserServiceImpl userServiceImpl() {
return new UserServiceImpl();
}
public static void main(String[] args) {
SpringApplication.run(OAuthApplication.class, args);
}
}
我的CustomerUserDetails:
@Configuration("customUserDetailsService")
public class CustomUserDetailsService implements UserDetailsService {
private UserServiceImpl userServiceImpl;
@Autowired
public CustomUserDetailsService(UserServiceImpl userServiceImpl) {
this.userServiceImpl = userServiceImpl;
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
final User user = userServiceImpl.findByUsername(username);
if (user == null)
throw new UsernameNotFoundException(String.format("User %s does not exist!", username));
return new UserRepositoryUserDetails(user);
}
private final static class UserRepositoryUserDetails extends User implements UserDetails {
private static final long serialVersionUID = 1L;
private UserRepositoryUserDetails(User user) {
super(user);
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return getRoles();
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return !super.isBlocked();
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
}
我的SecurityConfig:
@Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.parentAuthenticationManager(authenticationManagerBean())
.inMemoryAuthentication()
.withUser("emoleumassi")
.password(passwordEncoder().encode("today"))
.roles("USER");
}
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Bean
public BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
当我直接在代码中设置凭据时,它工作正常,我获得了访问令牌。但是,如果我这样使用CustomUserService:
@Autowired
private CustomUserDetailsService customUserDetailsService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.parentAuthenticationManager(authenticationManagerBean())
.userDetailsService(customUserDetailsService)
.passwordEncoder(passwordEncoder());
}
控制台重复很多次,可能是20次:
Hibernate: select user0_.user_id as user_id1_5_, user0_.blocked as blocked2_5_, user0_.description as descript3_5_, user0_.email as email4_5_, user0_.enabled as enabled5_5_, user0_.first_login as first_lo6_5_, user0_.first_name as first_na7_5_, user0_.last_login as last_log8_5_, user0_.last_name as last_nam9_5_, user0_.password as passwor10_5_, user0_.username as usernam11_5_ from user user0_ where user0_.username=?
Hibernate: select threads0_.user_id as user_id1_8_0_, threads0_.thread_id as thread_i2_8_0_, thread1_.thread_id as thread_i1_4_1_ from user_thread threads0_ inner join thread thread1_ on threads0_.thread_id=thread1_.thread_id where threads0_.user_id=?
Hibernate: select roles0_.user_id as user_id1_7_0_, roles0_.role_id as role_id2_7_0_, role1_.role_id as role_id1_3_1_, role1_.name as name2_3_1_ from user_role roles0_ inner join role role1_ on roles0_.role_id=role1_.role_id where roles0_.user_id=?
Hibernate: select users0_.role_id as role_id2_7_0_, users0_.user_id as user_id1_7_0_, user1_.user_id as user_id1_5_1_, user1_.blocked as blocked2_5_1_, user1_.description as descript3_5_1_, user1_.email as email4_5_1_, user1_.enabled as enabled5_5_1_, user1_.first_login as first_lo6_5_1_, user1_.first_name as first_na7_5_1_, user1_.last_login as last_log8_5_1_, user1_.last_name as last_nam9_5_1_, user1_.password as passwor10_5_1_, user1_.username as usernam11_5_1_ from user_role users0_ inner join user user1_ on users0_.user_id=user1_.user_id where users0_.role_id=?
Hibernate: select users0_.role_id as role_id2_7_0_, users0_.user_id as user_id1_7_0_, user1_.user_id as user_id1_5_1_, user1_.blocked as blocked2_5_1_, user1_.description as descript3_5_1_, user1_.email as email4_5_1_, user1_.enabled as enabled5_5_1_, user1_.first_login as first_lo6_5_1_, user1_.first_name as first_na7_5_1_, user1_.last_login as last_log8_5_1_, user1_.last_name as last_nam9_5_1_, user1_.password as passwor10_5_1_, user1_.username as usernam11_5_1_ from user_role users0_ inner join user user1_ on users0_.user_id=user1_.user_id where users0_.role_id=?
Hibernate: select users0_.role_id as role_id2_7_0_, users0_.user_id as user_id1_7_0_, user1_.user_id as user_id1_5_1_, user1_.blocked as blocked2_5_1_, user1_.description as descript3_5_1_, user1_.email as email4_5_1_, user1_.enabled as enabled5_5_1_, user1_.first_login as first_lo6_5_1_, user1_.first_name as first_na7_5_1_, user1_.last_login as last_log8_5_1_, user1_.last_name as last_nam9_5_1_, user1_.password as passwor10_5_1_, user1_.username as usernam11_5_1_ from user_role users0_ inner join user user1_ on users0_.user_id=user1_.user_id where users0_.role_id=?
Hibernate: select jobs0_.user_id as user_id1_6_0_, jobs0_.job_id as job_id2_6_0_, job1_.job_id as job_id1_0_1_, job1_.category as category2_0_1_, job1_.creation_date as creation3_0_1_, job1_.description as descript4_0_1_, job1_.location as location5_0_1_, job1_.salary as salary6_0_1_, job1_.status as status7_0_1_, job1_.title as title8_0_1_ from user_job jobs0_ inner join job job1_ on jobs0_.job_id=job1_.job_id where jobs0_.user_id=?
我得到这个例外:
org.springframework.web.util.NestedServletException: Handler dispatch failed; nested exception is java.lang.StackOverflowError
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1055) ~[spring-webmvc-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:943) ~[spring-webmvc-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1006) ~[spring-webmvc-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:909) ~[spring-webmvc-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:660) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:883) ~[spring-webmvc-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) ~[tomcat-embed-websocket-9.0.29.jar:9.0.29]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:320) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:126) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:90) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:118) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:158) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:203) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178) ~[spring-security-web-5.2.1.RELEASE.jar:5.2.1.RELEASE]
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:108) ~[spring-boot-actuator-2.2.2.RELEASE.jar:2.2.2.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) ~[spring-web-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:526) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:367) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:860) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1591) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) ~[na:na]
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) ~[na:na]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-embed-core-9.0.29.jar:9.0.29]
at java.base/java.lang.Thread.run(Thread.java:834) ~[na:na]
Caused by: java.lang.StackOverflowError: null
当我删除此行auth.parentAuthenticationManager(authenticationManagerBean())时我得到
{
"error": "invalid_grant",
"error_description": "Bad credentials"
}
我的用户实体:
@Table
@Entity
public class User implements Serializable {
private static final long serialVersionUID = 1L;
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "user_id", nullable = false)
private int userId;
@Column(unique = true, columnDefinition = "VARCHAR(50)", nullable = false)
private String username;
@Column(unique = true, columnDefinition = "VARCHAR(50)", nullable = false)
private String email;
@Column(nullable = false, columnDefinition = "BIT")
private boolean enabled;
@Column(columnDefinition = "VARCHAR(50)", nullable = false)
private String password;
@Column(columnDefinition = "VARCHAR(20)", nullable = false)
private String firstLogin;
@Column(columnDefinition = "VARCHAR(20)")
private String lastLogin;
@Column(unique = true, columnDefinition = "VARCHAR(50)")
private String firstName;
@Column(unique = true, columnDefinition = "VARCHAR(50)")
private String lastName;
@Column(nullable = false, columnDefinition = "BIT")
private boolean blocked;
@Column(columnDefinition = "TEXT")
private String description;
@JsonIgnore
@ManyToMany(fetch = FetchType.EAGER, cascade = CascadeType.PERSIST)
@JoinTable(name = "user_role",
joinColumns = @JoinColumn(name = "user_id"),
inverseJoinColumns = @JoinColumn(name = "role_id"))
private Set<Role> roles;
@JsonIgnore
@ManyToMany(fetch = FetchType.EAGER, cascade = CascadeType.PERSIST)
@JoinTable(name = "user_job",
joinColumns = @JoinColumn(name = "user_id"),
inverseJoinColumns = @JoinColumn(name = "job_id"))
private Set<Job> jobs = new HashSet<>();
@JsonIgnore
@ManyToMany(fetch = FetchType.EAGER, cascade = CascadeType.PERSIST)
@JoinTable(name = "user_thread",
joinColumns = @JoinColumn(name = "user_id"),
inverseJoinColumns = @JoinColumn(name = "thread_id"))
private Set<Thread> threads = new HashSet<>();
public User() { }
public User(User user) {
super();
this.userId = user.getUserId();
this.roles = user.getRoles();
this.username = user.getUsername();
this.email = user.getEmail();
this.enabled = user.isEnabled();
this.blocked = user.isBlocked();
this.password = user.getPassword();
}
// getter, setter
我的卷曲请求
curl -i -v -X POST -H 'Content-Type: application/x-www-form-urlencoded' -k http://localhost:8080/oauth/token -H 'Authorization: Basic Y2xpZW50OnNlY3JldA==' -d 'grant_type=password&client_id=client&user=emoleumassi&password=today&scope=write'
此用户在数据库中以用户角色存在。
我使用spring-security-oauth2版本2.3.5.RELEASE,并启动父启动器2.2.2.RELEASE
java.lang.StackOverflowError的根本原因是由于FetchType.EAGER。
对于@ManyToMany,默认提取类型为FetchType.LAZY。
在FetchType.LAZY中,仅在请求时才提取数据。
如果将fetch = FetchType.EAGER放在@ManyToMany中,则在这种情况下,您必须面对java.lang.StackOverflowError,因为它会通过循环加载数据而不请求而导致循环循环(因为它是双向数据提取)。
因此,更新您的用户实体:
@Table
@Entity
public class User implements Serializable {
private static final long serialVersionUID = 1L;
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "user_id", nullable = false)
private int userId;
@Column(unique = true, columnDefinition = "VARCHAR(50)", nullable = false)
private String username;
@Column(unique = true, columnDefinition = "VARCHAR(50)", nullable = false)
private String email;
@Column(nullable = false, columnDefinition = "BIT")
private boolean enabled;
@Column(columnDefinition = "VARCHAR(50)", nullable = false)
private String password;
@Column(columnDefinition = "VARCHAR(20)", nullable = false)
private String firstLogin;
@Column(columnDefinition = "VARCHAR(20)")
private String lastLogin;
@Column(unique = true, columnDefinition = "VARCHAR(50)")
private String firstName;
@Column(unique = true, columnDefinition = "VARCHAR(50)")
private String lastName;
@Column(nullable = false, columnDefinition = "BIT")
private boolean blocked;
@Column(columnDefinition = "TEXT")
private String description;
@JsonIgnore
@ManyToMany(fetch = FetchType.LAZY, cascade = CascadeType.PERSIST)
@JoinTable(name = "user_role",
joinColumns = @JoinColumn(name = "user_id"),
inverseJoinColumns = @JoinColumn(name = "role_id"))
private Set<Role> roles;
@JsonIgnore
@ManyToMany(fetch = FetchType.LAZY, cascade = CascadeType.PERSIST)
@JoinTable(name = "user_job",
joinColumns = @JoinColumn(name = "user_id"),
inverseJoinColumns = @JoinColumn(name = "job_id"))
private Set<Job> jobs = new HashSet<>();
@JsonIgnore
@ManyToMany(fetch = FetchType.LAZY, cascade = CascadeType.PERSIST)
@JoinTable(name = "user_thread",
joinColumns = @JoinColumn(name = "user_id"),
inverseJoinColumns = @JoinColumn(name = "thread_id"))
private Set<Thread> threads = new HashSet<>();
public User() { }
public User(User user) {
super();
this.userId = user.getUserId();
this.roles = user.getRoles();
this.username = user.getUsername();
this.email = user.getEmail();
this.enabled = user.isEnabled();
this.blocked = user.isBlocked();
this.password = user.getPassword();
}
// getter, setter
}