1

I have an application, that currently uses RestTemplate + OAuth2. The application itself is NOT a Spring MVC app, so for example no ports are open (no @GetMapping what so ever).

I am migrating from Spring Security OAuth 2.x to Spring Security 5.2.x. using this guide: https://github.com/spring-projects/spring-security/wiki/OAuth-2.0-Migration-Guide

Config is:

@Configuration
public class WebClientConfig {
    @Bean
    public OAuth2AuthorizedClientManager authorizedClientManager(
            ClientRegistrationRepository clientRegistrationRepository,
            OAuth2AuthorizedClientRepository authorizedClientRepository) {

        OAuth2AuthorizedClientProvider authorizedClientProvider =
                OAuth2AuthorizedClientProviderBuilder.builder()
                        .clientCredentials()
                        .build();

        DefaultOAuth2AuthorizedClientManager authorizedClientManager =
                new DefaultOAuth2AuthorizedClientManager(
                        clientRegistrationRepository, authorizedClientRepository);
        authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider);

        return authorizedClientManager;
    }

    @Bean
    public WebClient webClient(OAuth2AuthorizedClientManager authorizedClientManager) {
        ServletOAuth2AuthorizedClientExchangeFilterFunction oauth2Client =
                new ServletOAuth2AuthorizedClientExchangeFilterFunction(authorizedClientManager);
        oauth2Client.setDefaultClientRegistrationId("regid");
        return WebClient.builder()
                .apply(oauth2Client.oauth2Configuration())
                .build();
    }
}

application.properties:

spring.security.oauth2.client.registration.regid.provider=regid
spring.security.oauth2.client.registration.regid.client-id=java-web
spring.security.oauth2.client.registration.regid.client-secret=secret
spring.security.oauth2.client.registration.regid.authorization-grant-type=client_credentials
spring.security.oauth2.client.provider.regid.token-uri=https://...token
spring.security.oauth2.client.provider.regid.jwk-set-uri=https://..certs

The problem is: This app runs on a server that has port 8080 already allocated. Previous version (Spring Oauth2 + RestTemplate) did NOT open any ports, especially 8080.

It seems that I can not use WebClient without making this app a webapp, listening on port 8080, which I cannot open, and I don't want to change to a random port to avoid collision. The app just simply does not need any ports to be opened.

I've tried several things, for example:

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
    <exclusions>
        <exclusion>
            <artifactId>tomcat-embed-el</artifactId>
            <groupId>org.apache.tomcat.embed</groupId>
        </exclusion>
        <exclusion>
            <artifactId>tomcat-embed-core</artifactId>
            <groupId>org.apache.tomcat.embed</groupId>
        </exclusion>
        <exclusion>
            <artifactId>tomcat-embed-websocket</artifactId>
            <groupId>org.apache.tomcat.embed</groupId>
        </exclusion>
    </exclusions>
</dependency>

And also:

spring.main.web-application-type=none

etc., but every single time I've encountered a "random" NoClassDefFound javax.servlet.*, or: "Could not autowire. No beans of 'x' type found."

How can I setup the app:

  • using newest Spring Security with OAuth2
  • using WebClient
  • not being a webapp itself ?

thank you

Kumite
  • 2,129
  • 3
  • 15
  • 15
  • similar question https://stackoverflow.com/questions/73163599/auto-configure-clientregistrationrepository-in-a-non-web-spring-boot-application – Tioma Jan 06 '23 at 17:26

0 Answers0