skip to Main Content

I am trying to update our Spring Boot project. The problem is that as soon as I do this the following error occurs that we can’t get fixed:

Parameter 0 of constructor in com.test.app.configuration.WebAppSecurityConfig required a bean of type 'org.springframework.security.oauth2.client.userinfo.OAuth2UserService' that could not be found.

You can also already see it red underlined in IntelliJ. Before the update it worked fine like it is.

@Configuration
@Order(2)
public class WebAppSecurityConfig extends WebSecurityConfigurerAdapter {
  private final OAuth2UserService<OidcUserRequest, OidcUser> oidcUserService;

  @Autowired
  public WebAppSecurityConfig(OAuth2UserService<OidcUserRequest, OidcUser> oidcUserService) {
    this.oidcUserService = oidcUserService;
  }

  @Override
  protected void configure(HttpSecurity http) throws Exception {

    // authenticate user through azure AD
    http.authorizeRequests()
        .regexMatchers(
            "/app/(cockpit|admin|tasklist|welcome)/([^/]+)/",
            "/rest/([^/]+)")
        .authenticated()
        .and()
        .oauth2Login()
        .userInfoEndpoint()
        .oidcUserService(oidcUserService);
  }

  /** Register camunda filter for authentication */
  @Bean
  public FilterRegistrationBean<ContainerBasedAuthenticationFilter>
      containerBasedAuthenticationFilter() {
    FilterRegistrationBean<ContainerBasedAuthenticationFilter> filterRegistration =
        new FilterRegistrationBean<>();
    filterRegistration.setFilter(new ContainerBasedAuthenticationFilter());
    filterRegistration.setInitParameters(
        Collections.singletonMap(
            "authentication-provider",
            "com.test.app.filter.SpringSecurityAuthenticationProvider"));
    filterRegistration.setOrder(
        101); // make sure the filter is registered after the Spring Security Filter Chain
    filterRegistration.addUrlPatterns("/app/*");
    filterRegistration.addUrlPatterns("/rest/*");
    return filterRegistration;
  }
}


Action:

Consider defining a bean of type 'org.springframework.security.oauth2.client.userinfo.OAuth2UserService' in your configuration.

Our current Spring Boot version is 2.3.12.RELEASE and we want to update to 2.5.x.

If we just do new OidcUserService() for the .oidcUserService the application is able to run but the login page only forewards to an empty Login with OAuth 2.0 page instead of redirecting to the Microsoft login page.

We already tried to disable some dependencies like other similar questions did. Does anybody have an idea what happenend that the bean cannot be found?

The updated pom.xml looks like this (we had to switch from azure-active-directory-spring-boot-starter to spring-cloud-azure-starter-active-directory):

    <modelVersion>4.0.0</modelVersion>

    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.5.14</version>
        <relativePath/>
    </parent>

    <properties>
        <version.camunda>7.16.0-ee</version.camunda>
        <springBoot.version>2.5.14</springBoot.version>
        <java.version>11</java.version>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
        <log4j2.version>2.17.2</log4j2.version>
        <org.mapstruct.version>1.5.2.Final</org.mapstruct.version>
    </properties>

    <groupId>com.test.app</groupId>
    <artifactId>application</artifactId>
    <version>1.0.0-SNAPSHOT</version>

    <dependencyManagement>
        <dependencies>
            <dependency>
                <groupId>org.camunda.bpm</groupId>
                <artifactId>camunda-bom</artifactId>
                <scope>import</scope>
                <type>pom</type>
                <version>${version.camunda}</version>
            </dependency>
        </dependencies>
    </dependencyManagement>

    <dependencies>
        <dependency>
            <groupId>org.camunda.bpm</groupId>
            <artifactId>camunda-engine</artifactId>
            <exclusions>
                <exclusion>
                    <groupId>org.camunda.connect</groupId>
                    <artifactId>camunda-connect-connectors-all</artifactId>
                </exclusion>
            </exclusions>
        </dependency>
        <dependency>
            <groupId>org.camunda.connect</groupId>
            <artifactId>camunda-connect-http-client</artifactId>
            <scope>runtime</scope>
        </dependency>

        <dependency>
            <groupId>org.camunda.bpm</groupId>
            <artifactId>camunda-engine-plugin-spin</artifactId>
            <scope>provided</scope>
        </dependency>

        <dependency>
            <groupId>org.camunda.spin</groupId>
            <artifactId>camunda-spin-dataformat-json-jackson</artifactId>
            <scope>provided</scope>
        </dependency>

        <dependency>
            <groupId>org.camunda.bpm.springboot</groupId>
            <artifactId>camunda-bpm-spring-boot-starter-rest</artifactId>
        </dependency>

        <dependency>
            <groupId>org.camunda.bpm.springboot</groupId>
            <artifactId>camunda-bpm-spring-boot-starter-webapp-ee</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-mail</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-aop</artifactId>
        </dependency>

        <dependency>
            <groupId>com.h2database</groupId>
            <artifactId>h2</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-jpa</artifactId>
        </dependency>

        <dependency>
            <groupId>com.azure</groupId>
            <artifactId>azure-messaging-eventhubs</artifactId>
            <version>5.12.1</version>
        </dependency>

        <dependency>
            <groupId>com.googlecode.json-simple</groupId>
            <artifactId>json-simple</artifactId>
            <version>1.1.1</version>
        </dependency>

        <dependency>
            <groupId>net.sf.supercsv</groupId>
            <artifactId>super-csv</artifactId>
            <version>2.4.0</version>
        </dependency>

        <dependency>
            <groupId>org.json</groupId>
            <artifactId>json</artifactId>
            <version>20220924</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
            <!--                    <version>${springBoot.version}</version>-->
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-actuator</artifactId>
            <!--            <version>${springBoot.version}</version>-->
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-configuration-processor</artifactId>
            <optional>true</optional>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-oauth2-client</artifactId>
            <version>5.7.3</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-oauth2-jose</artifactId>
        </dependency>

        <dependency>
            <groupId>com.azure.spring</groupId>
            <artifactId>spring-cloud-azure-starter-active-directory</artifactId>
            <version>4.4.0</version>
        </dependency>

        <dependency>
            <groupId>org.springframework.security.oauth</groupId>
            <artifactId>spring-security-oauth2</artifactId>
            <version>2.5.2.RELEASE</version>
        </dependency>

        <dependency>
            <groupId>com.microsoft.graph</groupId>
            <artifactId>microsoft-graph</artifactId>
            <version>1.2.0</version>
        </dependency>

        <dependency>
            <groupId>org.apache.pdfbox</groupId>
            <artifactId>pdfbox</artifactId>
            <version>2.0.27</version>
        </dependency>

        <dependency>
            <groupId>com.github.java-json-tools</groupId>
            <artifactId>json-patch</artifactId>
            <version>1.13</version>
        </dependency>

        <dependency>
            <groupId>jakarta.json</groupId>
            <artifactId>jakarta.json-api</artifactId>
            <version>2.1.1</version>
        </dependency>


        <dependency>
            <groupId>com.fasterxml.jackson.dataformat</groupId>
            <artifactId>jackson-dataformat-csv</artifactId>
            <version>2.13.3</version>
        </dependency>

        <dependency>
            <groupId>com.fasterxml.jackson.datatype</groupId>
            <artifactId>jackson-datatype-jsr310</artifactId>
        </dependency>

        <dependency>
            <groupId>org.apache.poi</groupId>
            <artifactId>poi</artifactId>
            <version>5.2.2</version>
        </dependency>
        <dependency>
            <groupId>org.apache.poi</groupId>
            <artifactId>poi-ooxml</artifactId>
            <version>5.2.2</version>
        </dependency>

        <dependency>
            <groupId>com.microsoft.azure</groupId>
            <artifactId>azure-servicebus</artifactId>
            <version>3.6.6</version>
        </dependency>

        <dependency>
            <groupId>org.junit.jupiter</groupId>
            <artifactId>junit-jupiter</artifactId>
            <version>5.8.2</version>
            <scope>test</scope>
        </dependency>

        <dependency>
            <groupId>org.skyscreamer</groupId>
            <artifactId>jsonassert</artifactId>
            <version>1.5.1</version>
            <scope>test</scope>
        </dependency>

        <dependency>
            <groupId>org.codehaus.groovy</groupId>
            <artifactId>groovy-all</artifactId>
            <version>3.0.13</version>
            <type>pom</type>
        </dependency>

        <dependency>
            <groupId>junit</groupId>
            <artifactId>junit</artifactId>
            <version>4.13.2</version>
            <scope>test</scope>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <version>2.7.4</version>
            <scope>test</scope>
        </dependency>

        <dependency>
            <groupId>org.projectlombok</groupId>
            <artifactId>lombok</artifactId>
            <version>1.18.24</version>
            <scope>provided</scope>
        </dependency>
    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
                <version>${project.parent.version}</version>
            </plugin>
            <plugin>
                <artifactId>maven-surefire-plugin</artifactId>
                <version>2.22.2</version>
                <dependencies>
                    <dependency>
                        <groupId>org.junit.platform</groupId>
                        <artifactId>junit-platform-surefire-provider</artifactId>
                        <version>1.3.2</version>
                    </dependency>
                    <dependency>
                        <groupId>org.junit.jupiter</groupId>
                        <artifactId>junit-jupiter-engine</artifactId>
                        <version>5.9.0-M1</version>
                    </dependency>
                </dependencies>
            </plugin>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-compiler-plugin</artifactId>
                <version>3.10.1</version>
                <configuration>
                    <annotationProcessorPaths>
                        <path>
                            <groupId>org.mapstruct</groupId>
                            <artifactId>mapstruct-processor</artifactId>
                            <version>${org.mapstruct.version}</version>
                        </path>
                        <path>
                            <groupId>org.projectlombok</groupId>
                            <artifactId>lombok</artifactId>
                            <version>1.18.24</version>
                        </path>
                        <!-- other annotation processors -->
                    </annotationProcessorPaths>
                </configuration>
            </plugin>
        </plugins>
    </build>

</project>

An excerpt from the application.yml:

spring:
  jersey: application-path=/rest

  profiles:
    active: dev

  datasource:
    url: jdbc:h2:file:./camunda-h2-database

  security:
    oauth2:
      client:
        provider:
          azure-oauth-provider:
            authorization-uri: https://login.microsoftonline.com/${spring.cloud.azure.active-directory.profile.tenant-id}/oauth2/authorize
            token-uri: https://login.microsoftonline.com/${spring.cloud.azure.active-directory.profile.tenant-id}/oauth2/token
            user-info-uri: https://login.microsoftonline.com/${spring.cloud.azure.active-directory.profile.tenant-id}/openid/userinfo
            jwk-set-uri: https://login.microsoftonline.com/${spring.cloud.azure.active-directory.profile.tenant-id}/discovery/keys
        registration:
          azure:
            client-id: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
            client-secret: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
            provider: azure-oauth-provider
            authorization-grant-type: client_credentials
  cloud:
    azure:
      active-directory:
        profile:
          tenant-id: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
        user-group:
          allowed-group-names: Users

server:
  forward-headers-strategy: native # correctly handle X-Forwarded-Proto header to properly construct Azure AD redirect url

default:
  baseUrl: http://localhost:8080/

2

Answers


  1. try this dependency because in your application.yml file you have mentioned that auth-provider (authorization-uri: https://login.microsoftonline.com/${spring.cloud.azure.active-directory.profile.tenant-id}/oauth2/authorize) so it might help:

    <dependency>
          <groupId>com.azure.spring</groupId>
          <artifactId>spring-cloud-azure-dependencies</artifactId>
          <version>4.4.0</version>
          <type>pom</type>
          <scope>import</scope>
        </dependency>
    
    Login or Signup to reply.
  2. Here is a working example using Spring 2.6.7:
    https://github.com/rob2universe/azure-active-directory-oauth-spring-boot

    Your problem may be that you are not letting the framework inject the oicdUserService as shown here:
    https://github.com/rob2universe/azure-active-directory-oauth-spring-boot/blob/6db04d4f5a15f1d2f8f59365ef54c3da992c6d78/src/main/java/com/example/aad/AADOAuth2LoginSecurityConfig.java#L18

    Also note the MS resources referenced in the readme.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search