1

The application starts when other application calls the starting endpoint with the access token as a paremeter. The access token is a type of string.

Then I have to call a few other endpoints where the authentication is based on that token.

Is it possible to create OAuth2RestTemplate to make requests having only tokenValue withouth access token uri?

user51
  • 8,843
  • 21
  • 79
  • 158
tomasz-mer
  • 3,753
  • 10
  • 50
  • 69

1 Answers1

0

As far as I know, you can achieve this by implementing the AccessTokenProvider interface and setting it:

https://docs.spring.io/spring-security/oauth/apidocs/org/springframework/security/oauth2/client/token/AccessTokenProvider.html

Although, the OAuth2RestTemplate is exactly to simplify the use of this kind of flow for you. If your use will be straight forward maybe it's better for you to use the default RestTemplate and use the HTTP specification. So, for this, you should use an Authorization header of type Bearer. Like this:

HttpHeaders headers = new HttpHeaders();
headers.add("Authorization", "Bearer " + tokenValue);

And use this header in your requests, like this:

HttpEntity<String> request = new HttpEntity<String>(headers);
ResponseEntity<BodyClass> response = restTemplate.exchange(url, HttpMethod.GET, request, BodyClass.class);
BodyClass body = response.getBody();

Hope it helps.

Fabiano
  • 1,344
  • 9
  • 24
  • 1
    Actually, I don't know how I can achieve this by implementing AccessTokenProvider. It seems that using HTTP specification looks good for me but is not so nice like in case of spring and auth2. – tomasz-mer May 10 '19 at 07:54
  • But you want to handle the authentication flow manually, right? As I understood there's calls outside your common flow that you want to use the same token, right? If it's the case, I'd use the `RestTemplate` in these cases and the `OAuth2RestTemplate` for the regular ones. I can show you how to implement later, but it depends a lot on your flow. Can you provide some more details? – Fabiano May 10 '19 at 13:16
  • 1
    I did it using RestTemplate. Example of implementation of AccessTokenProvider for such a case will be interesting. – tomasz-mer May 10 '19 at 14:06