Questions tagged [spring-oauth2]

Official tutorial: https://spring.io/guides/tutorials/spring-boot-oauth2/

708 questions
2 votes, 0 answers

Additional parameter on spring-authorization-server

What I'm going to do is like this. Post additional parameter when user submits on consent page. Send posted additional parameter to redirect URI. I've checked through AuthorizationRequestConverter that…
kwanikJang
2 votes, 1 answer

Spring Authorization Server with custom login

I'm trying the new Spring framework spring-security-oauth2-authorization-server. I got the POC working perfectly from Baeldung, but when I try to go farther than the default config, I didn't manage to get things…
Fozix
2 votes, 3 answers

Redirect to original URL after successful authentication in Spring Security

I have the following security configuration class in a Spring Cloud Gateway application. This gateway acts as an OAuth2 client handling the user authentication. After a successful authentication, I'd like to redirect to the URL of the single-page…
Robert Strauch
2 votes, 1 answer

Securing Spring Cloud Gateway with bearer-only

I currently want to secure my microservice architecture with a Spring Cloud Gateway. There is a frontend which authenticates itself to a Keycloak server and then sends the token with every request. Now it is the case that only the gateway should be…
2 votes, 0 answers

Asynchronous streaming with Spring MVC

Here's a part of a Spring Web MVC app using WebClient for its OAuth2 client integration, its purpose being to proxy some requests to and from the resource server with the appropriate authorization headers, hacked together to pipe data from an async…
2 votes, 0 answers

How to use bcrypt decoder in Spring security OAuth2 client?

I have a Spring Boot application using spring-boot-starter-oauth2-client. I want to hide my client secret in the application configuration file like: spring: security: oauth2: client: registration: keycloak: …
louis amoros
2 votes, 1 answer

Alternative For OAuth2FeignRequestInterceptor as it is deprecated NOW

In my previous implementation I was using OAuth2FeignRequestInterceptor. But from Spring Security 5 onwards, OAuth2FeignRequestInterceptor seems to be deprecated. What is the alternative to achieve the same? I searched a lot of blogs and threads,…
2 votes, 3 answers

How to get JWT token in SecurityContextHolder in Spring Boot OAuth2?

I have a resource server which is receiving requests with valid Bearer token. I can either use @AuthenticationPrincipal Jwt token for all requests where I need to get claims from the token or I should be able to get the user information from…
Mejmo
2 votes, 1 answer

Accessing current ClientDetails inside custom UserDetailsService

I'm using Spring Boot OAuth Authorization Server (old stack) and implementing my own versions of ClientDetailsService and UserDetailsService, using OAuth2 password flow. Our JpaClientDetailsService implements loadClientByClientId and returns a…
regisxp
2 votes, 2 answers

Spring OAuth2 Authorization Server alternative

Since Spring OAuth2 Authorization Server got deprecated, I want to find another library to replace it. I know there are some alternative authorization servers such as Keycloak, FusionAuth, Gluu... but I can't use them because I need some more…
Kevin
2 votes, 1 answer

How to use custom UserDetailService in Spring OAuth2 Resource Server?

I'm using Spring Boot (2.3.4.RELEASE) to implement a webservice acting as an OAuth2 resource server. So far I'm able to secure all endpoints and ensure that a valid token is present. In the next step I want to use Spring Method Security. The third…
Raman
2 votes, 4 answers

Spring Boot Resource Server & Keycloak scope vs. role

Is there anybody out there who is using Spring Boot Resource Server & Keycloak? I configured my application.properties with spring.security.oauth2.resourceserver.jwt.issuer-uri = http://localhost:9080/auth/realms/ In my…
2 votes, 1 answer

Spring Security 5 OAuth 2 Social Logout

I have added a social login feature to my Spring Boot MVC web application. It allows users to log in to my application with a GitHub, Facebook, or Google account. But I am struggling to get the /logout feature to work. Even though the /logout is called and…
2 votes, 2 answers

OAuth2 Share Principal Object with Multiple Gateway Instances

I have integrated Spring Cloud Gateway with OAuth2 server. It works well with a single-instance gateway. Here is my security config. @EnableWebFluxSecurity public class GatewaySecurityConfiguration { @Bean public SecurityWebFilterChain…
2 votes, 0 answers

Spring Security OAuth2 - Getting a custom principal from the Authentication object?

I am currently trying to get a custom UserInformation object to come back when I try to access the principal field from the Authentication object (Authentication.getPrincipal()) when using OAuth2. I am enabling OAuth2 in the…