Search code examples
javaspringspring-bootoauth-2.0

OAuth2: WebSecurityConfiguration required a bean of type 'org.springframework.security.oauth2.client.registration.ClientRegistrationRepository'

I'm following along with this Spring Boot tutorial. I got the application running, registered with GitHub for OAuth, and I'm able to authenticate via GitHub, get redirected to my application, and see the index page.

On the same tutorial, there's a section named "Making the Home Page Public" which suggests modifying your application with a couple of changes: extending WebSecurityConfigurerAdapter (which was recently deprecated), and adding this method:

@Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests(a -> a
                .antMatchers("/", "/error", "/webjars/**").permitAll()
                .anyRequest().authenticated()
            )
            .exceptionHandling(e -> e
                .authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED))
            )
            .oauth2Login();
    }

Adding this, causes my application to no longer run; when I run the bootRun gradle task, I get an error:

***************************
APPLICATION FAILED TO START
***************************

Description:

Method springSecurityFilterChain in org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration required a bean of type 'org.springframework.security.oauth2.client.registration.ClientRegistrationRepository' that could not be found.


Action:

Consider defining a bean of type 'org.springframework.security.oauth2.client.registration.ClientRegistrationRepository' in your configuration.


> Task :bootRun FAILED

I tried looking for solutions on how to add the ClientRegistrationRepository. My understanding is that this class is only used when your application is becoming an OAuth provider.

Alternatively, if I'm solving the wrong problem - if there's a way to enable unauthenticated users to access the home/index.html page without using this method, I am open to doing that instead.

Solution

  • I found the culprit in the application server logs:

    No active profile set, falling back to 1 default profile: "default"

    Looks like I somehow ended up with multiple run configurations in IntelliJ IDEA; deleting them all so that there's only one, and setting the profile via the environment variable spring.profiles.active=dev fixed it.