Spring 类型为'的必需bean;java.security.KeyPair';找不到
我正在尝试按照的spring文档来实现AuthorizationServer,但遇到了以下问题: 1.8.1配置授权服务器以使用JWKs 和 1.8.2添加JWK集URI端点 根据此处描述的信息,我将此代码添加到我的Spring 类型为'的必需bean;java.security.KeyPair';找不到,spring,spring-boot,spring-oauth2,Spring,Spring Boot,Spring Oauth2,我正在尝试按照的spring文档来实现AuthorizationServer,但遇到了以下问题: 1.8.1配置授权服务器以使用JWKs 和 1.8.2添加JWK集URI端点 根据此处描述的信息,我将此代码添加到我的授权服务器ConfigureRadapter: @EnableAuthorizationServer @Configuration public class JwkSetConfiguration extends AuthorizationServerConfigurerAdapte
授权服务器ConfigureRadapter@EnableAuthorizationServer
@Configuration
public class JwkSetConfiguration extends AuthorizationServerConfigurerAdapter {
AuthenticationManager authenticationManager;
KeyPair keyPair;
public JwkSetConfiguration(AuthenticationConfiguration authenticationConfiguration,
KeyPair keyPair) throws Exception {
this.authenticationManager = authenticationConfiguration.getAuthenticationManager();
this.keyPair = keyPair;
}
// ... client configuration, etc.
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
// @formatter:off
endpoints
.authenticationManager(this.authenticationManager)
.accessTokenConverter(accessTokenConverter())
.tokenStore(tokenStore());
// @formatter:on
}
@Bean
public TokenStore tokenStore() {
return new JwtTokenStore(accessTokenConverter());
}
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
converter.setKeyPair(this.keyPair);
return converter;
}
}
@Autowired
private KeyPair keyPair;
@Bean
public KeyPair keyPairBean() throws NoSuchAlgorithmException {
KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
gen.initialize(2048);
KeyPair keyPair = gen.generateKeyPair();
return keyPair;
}
@FrameworkEndpoint
class JwkSetEndpoint {
KeyPair keyPair;
public JwkSetEndpoint(KeyPair keyPair) {
this.keyPair = keyPair;
}
@GetMapping("/.well-known/jwks.json")
@ResponseBody
public Map<String, Object> getKey() {
RSAPublicKey publicKey = (RSAPublicKey) this.keyPair.getPublic();
RSAKey key = new RSAKey.Builder(publicKey).build();
return new JWKSet(key).toJSONObject();
}
}
***************************
APPLICATION FAILED TO START
***************************
Description:
Parameter 1 of constructor in oauth.server.Server required a bean of type 'java.security.KeyPair' that could not be found.
The injection point has the following annotations:
- @org.springframework.beans.factory.annotation.Autowired(required=true)
Action:
Consider defining a bean of type 'java.security.KeyPair' in your configuration.
AuthorizationServerConfigurerAdapter的完整代码为:
@Import(AuthorizationServerEndpointsConfiguration.class)
@Configuration
public class Server extends AuthorizationServerConfigurerAdapter {
private AuthenticationManager authenticationManager;
private KeyPair keyPair;
public Server(AuthenticationConfiguration authenticationConfiguration, KeyPair keyPair) throws Exception {
this.authenticationManager = authenticationConfiguration.getAuthenticationManager();
this.keyPair = keyPair;
}
@Bean
public PasswordEncoder passwordEncoder() {
return PasswordEncoderFactories.createDelegatingPasswordEncoder();
}
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients
.inMemory()
.withClient("first-client")
.secret(passwordEncoder().encode("noonewilleverguess"))
.scopes("resource:read")
.authorizedGrantTypes("authorization_code")
.redirectUris("http://localhost:8080/oauth/login/client-app");
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
endpoints
.authenticationManager(this.authenticationManager)
.accessTokenConverter(accessTokenConverter())
.tokenStore(tokenStore());
}
@Bean
public TokenStore tokenStore() {
return new JwtTokenStore(accessTokenConverter());
}
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
converter.setKeyPair(this.keyPair);
return converter;
}
}
更新
pom.xml
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.springframework.security.oauth</groupId>
<artifactId>spring-security-oauth2</artifactId>
<version>2.4.0.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security.oauth.boot</groupId>
<artifactId>spring-security-oauth2-autoconfigure</artifactId>
<version>2.2.4.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-jwt</artifactId>
<version>1.1.0.RELEASE</version>
</dependency>
<dependency>
<groupId>com.nimbusds</groupId>
<artifactId>nimbus-jose-jwt</artifactId>
<version>8.6</version>
</dependency>
</dependencies>
org.springframework.boot
弹簧启动安全
org.springframework.boot
弹簧启动装置
org.springframework.boot
SpringBootStarterWeb
org.springframework.boot
弹簧启动机tomcat
假如
org.springframework.security.oauth
spring-security-oauth2
2.4.0.1发布
org.springframework.security.oauth.boot
spring-security-oauth2-autoconfigure
2.2.4.1发布
org.springframework.security
spring security jwt
1.1.0.1发布
com.usds
光轮何塞jwt
8.6
我设法解决了这个问题,将这个bean添加到我的类服务器中
:
@EnableAuthorizationServer
@Configuration
public class JwkSetConfiguration extends AuthorizationServerConfigurerAdapter {
AuthenticationManager authenticationManager;
KeyPair keyPair;
public JwkSetConfiguration(AuthenticationConfiguration authenticationConfiguration,
KeyPair keyPair) throws Exception {
this.authenticationManager = authenticationConfiguration.getAuthenticationManager();
this.keyPair = keyPair;
}
// ... client configuration, etc.
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
// @formatter:off
endpoints
.authenticationManager(this.authenticationManager)
.accessTokenConverter(accessTokenConverter())
.tokenStore(tokenStore());
// @formatter:on
}
@Bean
public TokenStore tokenStore() {
return new JwtTokenStore(accessTokenConverter());
}
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
converter.setKeyPair(this.keyPair);
return converter;
}
}
@Autowired
private KeyPair keyPair;
@Bean
public KeyPair keyPairBean() throws NoSuchAlgorithmException {
KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
gen.initialize(2048);
KeyPair keyPair = gen.generateKeyPair();
return keyPair;
}
您的pom.xml是什么样子的?我更新了问题以包含它。它告诉您缺少什么。您没有注册KeyPair类型的bean。你需要有一个使用DI的经验。查看您的密码编码器,对密钥对执行相同的操作,并提供一个bean。否则SpringDI无法在需要时为KeyPair对象容器提供服务。它与PasswordEncoder不同。不能只返回newkeypair()
,因为它需要公钥和私钥作为参数(我可以从中获取这些参数)。我不知道有没有像密码编码器那样的钥匙对工厂。