I have my authorization server on ip 172.30.0.2, and a resource server on 172.30.0.3.
Inside the resource server's application.yml, I have:
    security:
      oauth2:
        resource:
          userInfoUri: http://172.30.0.2:8080/v1/user
With this configuration it works fine. But if I use:
http://domain-management-query.domain-management-ms:8080/v1/user
I receive a 400 error. I receive the same error by issuing the command with wget from the command line from the resource server container.
How can I use Docker domains instead of a prefixed IP?
I'm not using docker-compose for the domain-management-query.domain-management-ms, but this docker run command:
    docker run -it --rm -p 8080:8080 --network=jacopetto -v $(pwd):/home/gradle/project --net-alias=domain-management-query.domain-management-ms uniroma1/j8-gradle-ms:1.0 /bin/sh
From the other service I can ping it and resolve it by hostname.
My configuration is from this book: https://github.com/carnellj/spmia-chapter7/ (Authentication-service + organization-service).
Resource service:

    @Configuration
    public class ResourceServerConfiguration extends
            ResourceServerConfigurerAdapter {

        @Override
        public void configure(HttpSecurity http) throws Exception {
            http.cors().disable().authorizeRequests().anyRequest().authenticated();
        }

        @Bean
        RequestDumperFilter requestDumperFilter() {
            return new RequestDumperFilter();
        }
    }
Authorization Service:

    @Configuration
    public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {

        @Autowired
        private DataSource dataSource;

        // The AuthenticationManagerBean is used by Spring Security
        // to handle authentication.
        @Override
        @Bean
        public AuthenticationManager authenticationManagerBean() throws Exception {
            return super.authenticationManagerBean();
        }

        /*
         The UserDetailsService is used by Spring
         Security to handle user information that
         will be returned to Spring Security.
         */
        @Override
        @Bean
        public UserDetailsService userDetailsServiceBean() throws Exception {
            return super.userDetailsServiceBean();
        }

        /**
         * The configure() method is
         * where you’ll define users, their
         * passwords, and their roles.
         */
        @Override
        protected void configure(AuthenticationManagerBuilder auth) throws Exception {
            auth.inMemoryAuthentication()
                .withUser("john.carnell")
                    .password("{noop}password1")
                    .roles("USER")
                .and()
                .withUser("william.woodward")
                    .password("{noop}password2")
                    .roles("USER", "ADMIN");
        }
    }

AuthorizationServerConfigurerAdapter:

    @Configuration
    public class JWTOAuth2Config extends AuthorizationServerConfigurerAdapter {

        @Autowired
        private AuthenticationManager authenticationManager;

        @Autowired
        private UserDetailsService userDetailsService;

        /**
         * Which *clients* are going to register to the service.
         */
        @Override
        public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
            clients.inMemory()
                .withClient("jacopetto")
                .secret("{noop}thisissecret")
                .authorizedGrantTypes("refresh_token",
                                      "password",
                                      "client_credentials")
                .scopes("webclient", "mobileclient");
        }

        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
            endpoints
                .authenticationManager(authenticationManager)
                .userDetailsService(userDetailsService);
        }

        @Override
        public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
            oauthServer.allowFormAuthenticationForClients();
        }
    }

I've also tried to shorten the hostname to dom-manag-query.d-m, but it does not seem to work.