Search code examples
spring-bootkotlinspring-securityspring-security-oauth2

Type arguments should be specified for an outer class

I am implementing oauth2 security in my application through create an config class but I don't know where I make mistake I get following type of compile time error

Type arguments should be specified for an outer class 'ExpressionUrlAuthorizationConfigurer'. Use full class name to specify them

SecurityConfig.kt

package com.main.serviceproduct.config

import org.springframework.context.annotation.Configuration
import org.springframework.security.config.Customizer
import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry
import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer

@Configuration
@EnableWebSecurity
class SecurityConfig : WebSecurityConfigurerAdapter() {
    @Throws(Exception::class)
    override fun configure(security: HttpSecurity){
        security.authorizeRequests(Customizer { authorize: ExpressionInterceptUrlRegistry ->
            authorize.anyRequest().authenticated()
        })
            .oauth2ResourceServer{obj: OAuth2ResourceServerConfigurer<HttpSecurity?>->obj.jwt()}
    }

}

security.authorizeRequests(Customizer { authorize: ExpressionInterceptUrlRegistry ->
            authorize.anyRequest().authenticated()

I got error on above line at this point authorize: ExpressionInterceptUrlRegistry

Solution

  • Because the ExpressionInterceptUrlRegistry is a inner (non-static) class so it needs the type information of the outer class ExpressionUrlAuthorizationConfigurer<T>, which actually is a HttpSecurity.

    The below should works:

    @Configuration
@EnableWebSecurity
open class SecurityConfig : WebSecurityConfigurerAdapter() {
    @Throws(Exception::class)
    override fun configure(security: HttpSecurity){
        security.authorizeRequests(Customizer { authorize: ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry ->
            authorize.anyRequest().authenticated()
        })
            .oauth2ResourceServer{obj: OAuth2ResourceServerConfigurer<HttpSecurity?> ->obj.jwt()}
    }

}