I'm trying to setup an API that needs to comunicate with another service that requires the server to login using OAuth2.
I have the following files/configuration:
@Configuration
public class WebClientConfig {
@Bean
WebClient webClient(ReactiveClientRegistrationRepository clientRegistrations, ServerOAuth2AuthorizedClientRepository authorizedClientRepo) {
ServerOAuth2AuthorizedClientExchangeFilterFunction oauth =
new ServerOAuth2AuthorizedClientExchangeFilterFunction(
clientRegistrations,
authorizedClientRepo);
oauth.setDefaultClientRegistrationId("xxx");
return WebClient.builder()
.filter(oauth)
.build();
}
}
@Configuration
public class WebSecurity {
@Bean
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http.authorizeExchange()
.anyExchange()
.permitAll();
return http.build();
}
}
@RestController
public class RestTest {
private final WebClient webClient;
public RestTest(WebClient webClient) {
this.webClient = webClient;
}
@GetMapping("/test")
public Mono<String> obtainSecuredResource() {
Mono<String> retrievedResource = webClient.get()
.uri("https://apixxx.com/banks")
.retrieve()
.bodyToMono(String.class);
return retrievedResource.map(string -> "We retrieved the following resource using Oauth: " + string);
}
}
Properties:
spring.security.oauth2.client.registration.xxx.client-name=xxx
spring.security.oauth2.client.registration.xxx.client-id=random
spring.security.oauth2.client.registration.xxx.client-secret=random
spring.security.oauth2.client.registration.xxx.authorization-grant-type=authorization_code
spring.security.oauth2.client.registration.xxx.redirect-uri=http://localhost:8080/login/oauth2/code/xxx
spring.security.oauth2.client.provider.xxx.token-uri=https://app.xxx.pt/oauth/access_token
spring.security.oauth2.client.provider.xxx.authorization-uri=https://app.xxx.pt/oauth
But when I send the request I get the following error:
[client_authorization_required] Authorization required for Client Registration Id: xxx
Thanks
