-1

Does anybody know how the versioning in SpringBoot and Spring Oauth2 works? When I change the versions of SpringBoot and Spring Oauth2 I go from getting valid access and refresh tokens to an "unauthorized" error . I am using spring-boot-starter-parent. I ran some tests and its the Spring Boot version; when I change the version from 1.. to 2.. "/oauth/token" will not get hit any more. Here is the config of the Autherization Server:

@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends 
AuthorizationServerConfigurerAdapter {
@Override
public void configure(ClientDetailsServiceConfigurer configurer) throws 
Exception {
configurer
    .inMemory()
    .withClient(CLIENT_ID)
    //.secret("secret")
    .authorizedGrantTypes(GRANT_TYPE_PASSWORD, REFRESH_TOKEN)
    .redirectUris("http://localhost:8080/")
    .scopes(SCOPE_READ)
    .accessTokenValiditySeconds(ACCESS_TOKEN_VALIDITY_SECONDS).
    refreshTokenValiditySeconds(REFRESH_TOKEN_VALIDITY_SECONDS);
    }
    ...
   }
BlackLog
  • 301
  • 1
  • 5
  • 17

1 Answers1

0

When you go from SpringBoot 1 to 2,

  • you will have to add a client secret in order for the authorization server to work. This is just how Spring Boot works.

  • If you are using a client secret in Spring Boot 1, you dont need to pass the hash but in Spring Boot 2 you will need to do that:

    inMemory()
.withClient(CLIENT_ID)
.secret(passwordEncoder.encode("secret"))
BlackLog
  • 301
  • 1
  • 5
  • 17