1. 首頁
  2. 問答
  3. Spring Cloud OAuth2Authentication返回NullPointerException

Spring Cloud OAuth2Authentication返回NullPointerException

2017-04-20 223 views
1

我正在慢慢地理解Spring Cloud Security。我創建了授權服務,它在授權和返回令牌時有效,但在使用該令牌時不會返回任何當前用戶的詳細信息,從OAuth2Authentication獲取這些令牌時也是如此。這兩條線返回NPE:Spring Cloud OAuth2Authentication返回NullPointerException

userInfo.put("user", user.getUserAuthentication().getPrincipal()); 
      userInfo.put("authorities", AuthorityUtils.authorityListToSet(user.getUserAuthentication().getAuthorities()));

OAuth2Authentication user不會被實例化和爲空,而我理解,這應該是默認的Spring Security中實例化。也許我缺少一些配置bean?提前致謝!

Application.class

@SpringBootApplication 
@RestController 
@EnableResourceServer 
@EnableAuthorizationServer 
public class AuthorizationServiceApplication { 

    @RequestMapping(value = {"/user"}, produces = "application/json") 
    public Map <String, Object> user (OAuth2Authentication user) { 
     Map <String, Object> userInfo = new HashMap <>(); 
     userInfo.put("user", user.getUserAuthentication().getPrincipal()); 
     userInfo.put("authorities", AuthorityUtils.authorityListToSet(user.getUserAuthentication().getAuthorities())); 
     return userInfo; 
    } 

    public static void main (String[] args) { 
     SpringApplication.run(AuthorizationServiceApplication.class, args); 
    } 
}

OAuth2Config.class

@Configuration 
public class OAuth2Config extends AuthorizationServerConfigurerAdapter { 

    @Value("${token.secret}") 
    private String secret; 
    private AuthenticationManager authenticationManager; 
    private UserDetailsService userDetailsService; 

    public OAuth2Config (AuthenticationManager authenticationManager, UserDetailsService userDetailsService) { 
     this.authenticationManager = authenticationManager; 
     this.userDetailsService = userDetailsService; 
    } 

    @Override 
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception { 
     clients.inMemory() 
       .withClient("eagleeye") 
       .secret(secret) 
       .authorizedGrantTypes("refresh_token", "password", "client_credentials") 
       .scopes("webclient", "mobileclient"); 
    } 

    @Override 
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { 
     endpoints 
       .authenticationManager(authenticationManager) 
       .userDetailsService(userDetailsService); 
    } 
}

WebSecurityConfigurer.class

@Configuration 
public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter { 

    @Override 
    @Bean 
    public AuthenticationManager authenticationManagerBean() throws Exception { 
     return super.authenticationManagerBean(); 
    } 

    @Override 
    @Bean 
    public UserDetailsService userDetailsServiceBean() throws Exception { 
     return super.userDetailsServiceBean(); 
    } 

    // TODO: implemented DB stuff 
    @Override 
    protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception { 
     authenticationManagerBuilder 
       .inMemoryAuthentication() 
       .withUser("deniss").password("deniss1").roles("USER") 
       .and() 
       .withUser("oksana").password("oksana").roles("USER, ADMIN"); 
    } 

    private CsrfTokenRepository csrfTokenRepository() { 
     HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository(); 
     repository.setSessionAttributeName("_csrf"); 
     return repository; 
    } 

    @Override 
    protected void configure(HttpSecurity http) throws Exception { 
     http.csrf().csrfTokenRepository(csrfTokenRepository()); 
    } 
}

來源

2017-04-20 Deniss M.

+0

難道你錯過了OAuth2Config構造函數的@Autowired註解嗎? –

+0

@ p.streef嗯,但不會然後userService然後不工作......? –

+0

我只是猜測在這裏,它可能是春天自動autowires組件/配置的構造函數 –

回答

0

最後我得到它的工作是這樣的:

Application.class

@SpringBootApplication 
@RestController 
@EnableResourceServer 
public class AuthorizationServiceApplication { 

    private final Logger log = LoggerFactory.getLogger(this.getClass()); 

    @RequestMapping("/user") 
    public Principal user(Principal user) { 
     log.info("User information display for User: " + user.getName()); 
     return user; 
    } 

    @Bean 
    UserDetailsService userDetailsService() { 
     InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager(); 
     manager.createUser(User.withUsername("deniss").password("deniss").roles("USER").build()); 
     return manager; 
    } 

    public static void main (String[] args) { 
     SpringApplication.run(AuthorizationServiceApplication.class, args); 
    } 
}

OAuth2Config.java

@Configuration 
@EnableAuthorizationServer 
public class OAuth2Config extends AuthorizationServerConfigurerAdapter { 

    //TODO: refactor to recieve this info from config server 
    @Value("${token.secret}") 
    private String secret; 

    @Autowired 
    private AuthenticationManager authenticationManager; 

    @Override 
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { 
     endpoints.authenticationManager(authenticationManager); 
    } 

    @Override 
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception { 
     clients.inMemory() 
       .withClient("eagleeye") 
       .secret(secret) 
       .authorizedGrantTypes("refresh_token", "password", "client_credentials") 
       .scopes("webclient", "mobileclient"); 
    } 
}

SecurityConfigurer.class

@Configuration 
@EnableGlobalAuthentication 
public class SecurityConfigurer extends GlobalAuthenticationConfigurerAdapter { 

    @Autowired 
    private UserDetailsService userDetailsService; 

    // TODO: implemented DB stuff 
    @Override 
    public void init(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception { 
     authenticationManagerBuilder.userDetailsService(this.userDetailsService); 
    } 
}

來源

2017-04-27 07:18:45

0

我遇到了同樣的問題,看來是新版本的bug。我改變了Spring Boot 1.5.9.RELEASE,Spring Cloud Edgware.RELEASE支持Spring Boot 1.4.4.RELEASE,Spring Cloud Camden.SR5,問題消失了。

來源

2017-12-25 09:22:54 Xusheng

相關問題

 相關問題