When I upgrade to Spring Boot 2.6.6, the app shows an error like this. I have these dependencies in my pom.xml:

  <dependencies>
      <dependency>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-web</artifactId>
      </dependency>
      <dependency>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-security</artifactId>
      </dependency>
      <dependency>
         <groupId>com.azure.spring</groupId>
         <artifactId>spring-cloud-azure-starter-active-directory</artifactId>
      </dependency>
      <dependency>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-oauth2-client</artifactId>
      </dependency>
   </dependencies>
   <dependencyManagement>
      <dependencies>
         <dependency>
            <groupId>com.azure.spring</groupId>
            <artifactId>spring-cloud-azure-dependencies</artifactId>
            <version>${spring-cloud-azure.version}</version>
            <type>pom</type>
            <scope>import</scope>
         </dependency>
      </dependencies>
   </dependencyManagement>

this configuration in my application.properties:

azure.activedirectory.tenant-id=*******.
spring.security.oauth2.client.registration.azure.client-id=*********.
azure.activedirectory.client-id=************.
spring.security.oauth2.client.registration.azure.client-secret=*************.
azure.activedirectory.client-secret=*************.

and the security configuration class is

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests().antMatchers("/**").authenticated();
    http.authorizeRequests().anyRequest().permitAll();
    http.addFilterBefore(jwtTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);
    http.addFilterBefore(aadAuthFilter, UsernamePasswordAuthenticationFilter.class);
    http.csrf().disable();
}

and this is the bean class

@Bean
public FilterRegistrationBean<CorsFilter> simpleCorsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true);
    config.setAllowedOrigins(Collections.singletonList("*"));
    config.setAllowedMethods(Collections.singletonList("*"));
    config.setAllowedHeaders(Collections.singletonList("*"));
    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean<CorsFilter> bean = new FilterRegistrationBean<>(new CorsFilter(source));
    bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
    return bean;
}

When I try to run the application, it gives me this error:

Caused by: java.lang.IllegalStateException: Provider ID must be specified for client registration 'azure'
    at org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientPropertiesRegistrationAdapter.getBuilder(OAuth2ClientPropertiesRegistrationAdapter.java:95) ~[spring-boot-autoconfigure-2.6.6.jar:2.6.6]
    at org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientPropertiesRegistrationAdapter.getClientRegistration(OAuth2ClientPropertiesRegistrationAdapter.java:61) ~[spring-boot-autoconfigure-2.6.6.jar:2.6.6]
    at org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientPropertiesRegistrationAdapter.lambda$getClientRegistrations$0(OAuth2ClientPropertiesRegistrationAdapter.java:53) ~[spring-boot-autoconfigure-2.6.6.jar:2.6.6]
    at java.util.HashMap.forEach(Unknown Source) ~[?:1.8.0_65]

Why would this happen? What should I do to fix this problem?

Thanks in advance.

Rini Antony

1 Answer

Please check whether the application properties have the provider configured and have the correct scopes for the required API.

Some application properties are provided below. Please check for missing ones, or whether everything is correct.

Example application.properties:

spring.security.oauth2.client.registration.azure.client-id=XXXXXXXXXX
spring.security.oauth2.client.registration.azure.client-secret=XXXXXXXXXX
# here provide required scopes, ex:
spring.security.oauth2.client.registration.azure.scope=openid,profile,email,offline_access
spring.security.oauth2.client.registration.azure.redirect-uri-template={baseUrl}/login/oauth2/code/{registrationId}
spring.security.oauth2.client.registration.azure.client-name=xxxxxxxxx
spring.security.oauth2.client.registration.azure.provider=xxxxxxxxx
spring.security.oauth2.client.registration.azure.client-authentication-method=basic
spring.security.oauth2.client.registration.azure.authorization-grant-type=authorization_code

spring.security.oauth2.client.provider.azure.authorization-uri=https://login.microsoftonline.com/<tenantid>/oauth2/v2/authorize
spring.security.oauth2.client.provider.azure.token-uri=https://login.microsoftonline.com/xxxxxxxxxxxxxx/oauth2/v2/token
spring.security.oauth2.client.provider.xxxxxxxxx.user-info-uri=https://login.microsoftonline.com/xxxxxxxxxxxxxx/openid/userinfo
spring.security.oauth2.client.provider.azure.user-name-attribute=name
spring.security.oauth2.client.provider.azure.user-info-authentication-method=header
spring.security.oauth2.client.provider.azure.jwk-set-uri=https://login.microsoftonline.com/xxxxxxxxxxxxxx/discovery/v2/keys

If the API is the Graph API, the scope can be https://graph.microsoft.com/user.read; if it is not the Graph API, make sure to expose an API, give it proper permissions, and grant admin consent for it.

Also please check the manifest for accessTokenAcceptedVersion. Try changing it to 2 if it was null or 1 before, or vice versa, and make the configuration match, i.e.:

if v2, the property is spring.security.oauth2.client.provider.azure.authorization-uri=https://login.microsoftonline.com/<tenantid>/oauth2/v2/authorize or

if v1, spring.security.oauth2.client.provider.azure.authorization-uri=https://login.microsoftonline.com/<tenantid>/oauth2/authorize

kavyaS
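
The error in the question depends on whether the registration id `azure` can be matched to a provider definition. The following is an added example, not code from the question, the answer or Spring Boot: a simplified plain-Java model of that lookup, run over constructed properties. The class name `ProviderIdCheck`, the placeholder values and the rule as modelled (an id with built-in defaults, otherwise a matching `provider.<id>.*` block) are assumptions.

```java
import java.io.IOException;
import java.io.StringReader;
import java.util.*;

public class ProviderIdCheck {
    static final String REG = "spring.security.oauth2.client.registration.";
    static final String PROV = "spring.security.oauth2.client.provider.";
    // Ids with built-in defaults in Spring Security's CommonOAuth2Provider enum.
    static final Set<String> COMMON = new HashSet<>(Arrays.asList("google", "github", "facebook", "okta"));

    /** Maps each unresolvable registration id to the startup error it would cause. */
    static Map<String, String> check(Properties props) {
        Map<String, String> wanted = new TreeMap<>(); // registration id -> configured provider ("" = none)
        Set<String> defined = new HashSet<>();        // ids that have a provider.<id>.* block
        for (String key : props.stringPropertyNames()) {
            boolean isReg = key.startsWith(REG);
            if (!isReg && !key.startsWith(PROV)) continue;
            String rest = key.substring((isReg ? REG : PROV).length());
            int dot = rest.indexOf('.');
            if (dot <= 0) continue;
            String id = rest.substring(0, dot);
            if (!isReg) { defined.add(id); continue; }
            wanted.putIfAbsent(id, "");
            if (rest.substring(dot + 1).equals("provider")) wanted.put(id, props.getProperty(key).trim());
        }
        Map<String, String> errors = new TreeMap<>();
        wanted.forEach((id, configured) -> {
            // With no explicit provider, the registration id itself is used as the provider id.
            String providerId = configured.isEmpty() ? id : configured;
            if (COMMON.contains(providerId.toLowerCase()) || defined.contains(providerId)) return;
            errors.put(id, configured.isEmpty()
                    ? "Provider ID must be specified for client registration '" + id + "'"
                    : "Unknown provider ID '" + configured + "'");
        });
        return errors;
    }

    public static void main(String[] args) throws IOException {
        // Constructed samples: the question's registration keys, then the same plus a provider block.
        String failing = REG + "azure.client-id=placeholder\n" + REG + "azure.client-secret=placeholder\n";
        String fixed = failing + REG + "azure.provider=azure\n"
                + PROV + "azure.authorization-uri=https://login.microsoftonline.com/<tenantid>/oauth2/v2/authorize\n";
        for (String text : new String[] {failing, fixed}) {
            Properties props = new Properties();
            props.load(new StringReader(text));
            System.out.println(check(props));
        }
    }
}
```

The same check flags a registration whose `provider` value names a block that is keyed under a different id, which is worth checking when the provider keys in a properties file do not all use the same id.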