I am trying to use spring security oauth (library not grails plugin, there is only an extremely outdated grails plugin).
I want my app to be an OAuth 1.0a provider (not OAuth 2). The OAuth2 part of spring-security-oauth does not seem to have this problem, because it does not require a reference to the filterchain in the provider config.
What i want is to configure it as shown here: https://github.com/spring-projects/spring-security-oauth/blob/master/samples/oauth/sparklr/src/main/webapp/WEB-INF/applicationContext.xml
I translated this to the groovy syntax of grails:
consumerDetails(InMemoryConsumerDetailsService)
tokenServices(InMemoryProviderTokenServices)
xmlns oauth: "http://www.springframework.org/schema/security/oauth"
oauth.'consumer-details-service'(id:'consumerDetails') {
oauth.consumer(name: 'AndroidRegisterApp', key:'testkey', secret:"testkey123", resourceName:'mobileApi', resourceDescription:'Register devices via mobile app')
}
oauth.provider(
'consumer-details-service-ref': "consumerDetails",
'token-services-ref':'tokenServices',
'request-token-url':'/oauth/request_token',
'authenticate-token-url':'/oauth/authorize',
'access-granted-url':'/requestTokenAuthorized',
'access-token-url':'/oauth/access_token',
'filter-chain-ref':'springSecurityFilterChainProxy',
'require10a':'true'
)
The problem is that when OAuthProviderBeanDefinitionParser parses this config during grails app start, the springSecurityFilterChainProxy does not yet exist so it fails here: https://github.com/spring-projects/spring-security-oauth/blob/master/spring-security-oauth/src/main/java/org/springframework/security/oauth/config/OAuthProviderBeanDefinitionParser.java#L179 while calling ConfigUtils.findFilterChain the important line in there is:
parserContext.getRegistry().getBeanDefinition(filterChainRef)
which fails because "springSecurityFilterChainProxy" just doesn't exist in the parserContext (I guess because it only gets created later on). I also tried to postpone this initialization, by putting it in the bootstrap code like this:
def initOauthProvider() {
def bb = new BeanBuilder(grailsApplication.getMainContext())
bb.beans {
// same bean initialization code as above
}
}
this also fails because here i only have the beans in the parserContext that are part of my definition (it doesn't see any other grails beans)
is there any way i can fix this? I've seen that the BeanBuilder can also be initialized with a RuntimeSpringConfiguration object but i haven't found any way how to get this from my grails app.
I am using:
You may try to explicitly define all the spring bean dependencies (references) in grails-app/conf/spring/resources.groovy file.
Here is a sample syntax:
// resources.groovy
beans = {
yourBean(com.company.YourBean) {
springSecurityService = ref('springSecurityService')
otherService = ref('otherService')
anotherService = ref('anotherService')
}
}
So, in this case, you should get all three springSecurityService, otherService and anotherService initialized and accessible from within the yourBean bean.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With