我的应用程序需要成为一个 API 客户端,在 Spring Boot 中使用 Spring Security、Oauth 2.0 和 OpenID。对于
OAuthClientConfiguration
,我遵循了本教程(从“创建基于 Web 客户端的应用程序”标头开始):https://developer.okta.com/blog/2021/05/05/client-credentials-spring-security#创建基于 Web 客户端的应用程序
我在启动应用程序时收到此错误:
Failed to bind properties under 'spring.security.oauth2.client.provider.authorization-uri' to org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties$Provider:
Reason: org.springframework.core.convert.ConverterNotFoundException: No converter found capable of converting from type [java.lang.String] to type [org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties$Provider]
我的
OAuthClientConfiguration
班级
@Configuration
public class OAuthClientConfiguration
{
@Bean
ReactiveClientRegistrationRepository clientRegistrations(
@Value(value = "${spring.security.oauth2.client.provider.token-uri}") String tokenUri,
@Value(value = "${spring.security.oauth2.client.registration.IdOfMyApp.client-id}") String clientId,
@Value(value = "${spring.security.oauth2.client.registration.IdOfMyApp.client-secret}") String clientSecret,
@Value(value = "${spring.security.oauth2.client.registration.IdOfMyApp.authorization-grant-type}") String authorizationGrantType,
@Value(value = "${spring.security.oauth2.client.registration.IdOfMyApp.redirect-uri}") String redirectUri,
@Value(value = "${spring.security.oauth2.client.provider.authorization-uri}") String authorizationUri)
{
ClientRegistration registration = ClientRegistration
.withRegistrationId("IdOfMyApp")
.tokenUri(tokenUri)
.clientId(clientId)
.clientSecret(clientSecret)
.scope("pr.pro", "pr.act", "openid", "offline")
.authorizationGrantType(new AuthorizationGrantType(authorizationGrantType))
.redirectUri(redirectUri)
.authorizationUri(authorizationUri)
.build();
return new InMemoryReactiveClientRegistrationRepository(registration);
}
@Bean
WebClient webClient(ReactiveClientRegistrationRepository clientRegistrations)
{
InMemoryReactiveOAuth2AuthorizedClientService clientService = new InMemoryReactiveOAuth2AuthorizedClientService(clientRegistrations);
AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager authorizedClientManager = new AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager(clientRegistrations, clientService);
ServerOAuth2AuthorizedClientExchangeFilterFunction oauth = new ServerOAuth2AuthorizedClientExchangeFilterFunction(authorizedClientManager);
oauth.setDefaultClientRegistrationId("MarvelGuru");
return WebClient.builder().filter(oauth).build();
}
}
application.yaml
文件:
spring:
security:
oauth2:
client:
registration:
IdOfMyApp:
provider: https://api.provider.guys.com
client-id: [my id here]
client-secret: [my secret here]
client-authentication-method: basic
authorization-grant-type: authorization_code
scope:
- pr.pro
- pr.act
- openid
- offline
redirect-uri: https://my.domain.com/fallback
client-name: My App Name
provider:
authorization-uri: https://api.provider.guys.com/oauth2/auth
token-uri: https://api.provider.guys.com/oauth2/token
issuer-uri: https://api.provider.guys.com
resourceserver:
jwt:
issuer-uri: https://api.provider.guys.com
logging:
level:
'[org.springframework.web]': DEBUG
您需要在属性中拥有提供者 ID 密钥:
provider:
IdOfMyApp:
authorization-uri: https://api.provider.guys.com/oauth2/auth
token-uri: https://api.provider.guys.com/oauth2/token
issuer-uri: https://api.provider.guys.com
我的错误是我们需要在 client-id 及其值和 client-secret 之间添加空格
spring:
security:
oauth2:
client:
registration:
github:
client-id:39a0a1998e0681b3test
client-secret:1fc36844d9b44baa8cd0test