ich Probleme der Umsetzung OAuth2 mit Frühling haben ...Stackoverflow im Frühjahr OAuth2 Token Anfrage
Das ist meine Konfiguration in Bezug auf Sicherheit ist:
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
public final void configure(final HttpSecurity http) throws Exception {
http.csrf().disable();
http.authorizeRequests().antMatchers("/oauth/token").anonymous();
http.authorizeRequests()
.antMatchers("/**").fullyAuthenticated();
}
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Configuration
@EnableAuthorizationServer
protected static class OAuth2Config extends AuthorizationServerConfigurerAdapter {
@Autowired
@Qualifier("authenticationManagerBean")
private AuthenticationManager authenticationManager;
@Autowired
private IUserService customUserService;
@Bean
public UserDetailsService userDetailsService() {
return customUserService;
}
@Autowired
private IClientOAuth2DetailsService customClientDetailsService;
@Bean
public ClientDetailsService clientDetailsService() throws Exception {
return customClientDetailsService;
}
@Override
public final void configure(final AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.authenticationManager(authenticationManager);
}
@Override
public final void configure(final ClientDetailsServiceConfigurer clients) throws Exception {
clients.withClientDetails(clientDetailsService());
}
}
}
Wie Sie sehen können, habe ich meine eigene Implementierung von ClientDetailsService :
private ClientDetailsService internalClientDetailsService;
public ClientOAuth2DetailsServiceImpl() throws Exception {
internalClientDetailsService = new InMemoryClientDetailsServiceBuilder().withClient("admin")
.secret("admin")
.authorizedGrantTypes("password")
.authorities("ROLE_CLIENT")
.and()
.build();
}
@Override
public final ClientDetails loadClientByClientId(final String client) throws ClientRegistrationException {
return internalClientDetailsService.loadClientByClientId(client);
}
ich in Chrome Postman Erweiterung bin mit dem oauth/Tokenanforderung zu testen:
Wenn ich meine Anfrage senden, so scheint es, dass der ClientDetailsService funktioniert gut, aber nach der Rückkehr der ClientDetails, ich bin immer diese stacktrace bekommen:
java.lang.StackOverflowError: null
at java.lang.ReflectiveOperationException.<init>(Unknown Source) ~[na:1.8.0_45]
at java.lang.reflect.InvocationTargetException.<init>(Unknown Source) ~[na:1.8.0_45]
at sun.reflect.GeneratedMethodAccessor34.invoke(Unknown Source) ~[na:na]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[na:1.8.0_45]
at java.lang.reflect.Method.invoke(Unknown Source) ~[na:1.8.0_45]
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:302) ~[spring-aop-4.2.2.RELEASE.jar:4.2.2.RELEASE]
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:201) ~[spring-aop-4.2.2.RELEASE.jar:4.2.2.RELEASE]
at com.sun.proxy.$Proxy67.authenticate(Unknown Source) ~[na:na]
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:192) ~[spring-security-core-4.0.3.RELEASE.jar:4.0.3.RELEASE]
at org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter$AuthenticationManagerDelegator.authenticate(WebSecurityConfigurerAdapter.java:436) ~[spring-security-config-3.2.8.RELEASE.jar:3.2.8.RELEASE]
at sun.reflect.GeneratedMethodAccessor34.invoke(Unknown Source) ~[na:na]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[na:1.8.0_45]
at java.lang.reflect.Method.invoke(Unknown Source) ~[na:1.8.0_45]
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:302) ~[spring-aop-4.2.2.RELEASE.jar:4.2.2.RELEASE]
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:201) ~[spring-aop-4.2.2.RELEASE.jar:4.2.2.RELEASE]
at com.sun.proxy.$Proxy67.authenticate(Unknown Source) ~[na:na]
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:192) ~[spring-security-core-4.0.3.RELEASE.jar:4.0.3.RELEASE]
Ich verstehe nicht, warum ... Was ich Vermisst?
Dank!