在 Spring Security 5 OAuth Client 和 Spring Boot 2.0 中,authorizationGrantType 不能为 null [英] authorizationGrantType cannot be null in Spring Security 5 OAuth Client and Spring Boot 2.0
问题描述
我按照 Spring Security 5.0 官方参考文档和示例代码 oauth2login 在我的项目中设置 OAuth2/OIDC 身份验证,但它失败了,当我通过 mvn spring-boot:run 启动我的应用程序时出现以下异常.
I followed the Spring Security 5.0 official reference documentation and sample codes oauth2login to setup OAuth2/OIDC authentication in my project, but it failed and I got the following exception when I booted up my application by mvn spring-boot:run.
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'clientRegistrationRepository'
defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientRegistrationRepositoryConfiguration.class]:
Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException:
Failed to instantiate [org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository]:
Factory method 'clientRegistrationRepository' threw exception;
nested exception is java.lang.IllegalArgumentException: authorizationGrantType cannot be null
我使用的是Spring Boot提供的默认配置,只是在项目中添加了一些基本的依赖,比如spring-security-config、spring-security-oauth2-client、spring-security-oauth2-jsoe 等
I was using the default configuration provided by Spring Boot and just added some basic dependencies into projects, such as spring-security-config, spring-security-oauth2-client, spring-security-oauth2-jsoe etc.
更新:
找到原因,对于Gitlab等自定义OAuth2提供者,我必须添加授权类型,redirectUritemplate、范围、clientName 等,但 OpenID Connect 规范有一个配置端点协议,例如:https://gitlab.com/.well-known/openid-configuration ,是否可以让 Spring Security 自动读取此信息?
I've found the reason, for custom OAuth2 providers, such as Gitlab, I have to add grant type, redirectUritemplate, scope, clientName etc, but OpenID Connect specification has a configuration endpoint protocol, eg: https://gitlab.com/.well-known/openid-configuration , is there possible to make Spring Security read this info automatically?
更新(5/15/2021):在最新的 Spring Security 5.4 和 Spring Boot 2.4 中,OpenId 配置(.well-known/openid-configuration)默认发现,对于大多数oauth2/oidc授权服务器,配置一个issuer_uri 就够了.
Update(5/15/2021): in the latest Spring Security 5.4 and Spring Boot 2.4, the OpenId configuration(.well-known/openid-configuration) is discovered by default, for most oauth2/oidc authorization servers, configure a
issuer_uri is enough.
推荐答案
如果使用 SpringBoot v2.2.1 RELEASE,请使用 redirect-uri 而不是 redirect-uri-template
use redirect-uri instead of redirect-uri-template if use SpringBoot v2.2.1 RELEASE
这篇关于在 Spring Security 5 OAuth Client 和 Spring Boot 2.0 中,authorizationGrantType 不能为 null的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
