Stack Overflow
Stack Overflow

Questions tagged [spring-oauth2]

Official tutorial: https://spring.io/guides/tutorials/spring-boot-oauth2/

708 questions
2
votes
0 answers

Multiple oauth2 rest templates in Spring without using OAuth2ClientContext

I'am having some difficulties to setup mulitple OAuth2RestTemplates in Spring Boot using the spring-security-oauth2-autoconfigure package. Basically, what I want to achieve is, that users can login to my website using SSO (I am using the…
Jan
  • 81
  • 6
2
votes
0 answers

Does anyone have a UserDetails Service Example for Spring Cloud OAuth2 and Active Directory?

I have a Spring Cloud (Edgeware.SR3) OAuth2 Authorization server configured with Custom JWT tokens. I'm getting an IllegalStateException, UserDetailsService is required error when I hit the token_refresh endpoint. Does anyone have an example of…
Jim Hankins
  • 1,055
  • 1
  • 11
  • 27
2
votes
2 answers

Spring: forwarding to /oauth/token endpoint loses authentication

I'm building a Spring Boot authorization server which needs to generate Oauth2 tokens with two different auth methods. I want to have a different endpoint for each method, but by default Spring only creates /oauth/token, and while it can be changed,…
Anxo
  • 475
  • 4
  • 13
2
votes
0 answers

Disabling Authorization endpoint in Spring Oauth

I am spring boot oauth2 2.0.0.RELEASE. I am trying to disable the authorize endpoints as we wont be using it ? Is there a configuration I can set to disable it ? We only use the token endpoint
sam
  • 568
  • 1
  • 8
  • 16
2
votes
1 answer

Spring Boot Oauth2 use multiple grant_types for for same URL

Is it possible to configure Spring Boot to allow Oauth2 grant types password and authorization_code on the same URL. For example /boot I have done basic authorization configuration as below security: oauth2: client: accessTokenUri:…
11thdimension
  • 10,333
  • 4
  • 33
  • 71
2
votes
1 answer

How to get AdditionaInformation List From OAuth2

I set an additional information by using OAuth2AccessToken enhance. I can see the additional information in the token but how can I get that list in my services class? public final class CustomTokenEnhancer implements TokenEnhancer { @Override …
Eniss
  • 975
  • 2
  • 20
  • 40
2
votes
1 answer

Spring OAuth2 - Authorize URLs with Additional Information

Spring security allows us to authorize URLs with hasAnyAuthority(), hasAnyRole(), hasRole() if we set granted authorities. If I create a custom token enhancer where I can add additional information in my token, is there a way to make authorization…
Eniss
  • 975
  • 2
  • 20
  • 40
2
votes
1 answer

Multiple Login endpoints Spring Security OAuth2

I'm trying to implement multiple login strategies for different user roles (Spring Security OAuth2 with Spring Boot 2), and each strategy should use a different endpoint. I have 3 user types, REGULAR, EXTERNAL, CLIENT, where regular logs in vía…
Desiderantes
  • 169
  • 1
  • 1
  • 13
2
votes
1 answer

Retrieving facebook profile infos with spring-security-oauth2-client

i'm trying to set up a project with facebook login and retrieve some profile infos of the users on connexion. Context: Spring Boot : 2.0.0.RC1 Spring Security Oauth2 Client : 5.0.2.RELEASE Everything is working well and i'm able to connect users…
omahjoub
  • 41
  • 6
2
votes
1 answer

Spring OAuth2.0: How can I add a custom query parameter to the Authorization code (/oauth/authorize) response?

I see that the authorization code is inserted into the redirectUri here inside AuthorizationEndpoint.java private String getSuccessfulRedirect(AuthorizationRequest authorizationRequest, String authorizationCode) { if (authorizationCode == null)…
Frank
  • 41
  • 5
2
votes
1 answer

Spring Security: How to pass oauth2 access token in request headers

On successful login to my spring security application configured with Oauth2, I received a response with Oauth2 token. For the subsequent request I passed Oauth2 access_token in URI Query Parameter like…
Krish
  • 41
  • 4
2
votes
1 answer

Testing org.apache.http.entity.ContentType when the HTTP response content type doesn't contain a space

I am writing a test for an authorization server that tests that the content type of an oauth response is JSON. The authorization server is using spring-security-oauth2 2.0.1.4.RELEASE and my JUnit test is using rest-assured 2.9.0. @Test public void…
secondbreakfast
  • 4,194
  • 5
  • 47
  • 101
2
votes
1 answer

Using JdbcTokenStore for JWT

for my REST API I am using JWT's for OAuth2 authorization. Currently I am extending JwtTokenStore to store the refresh tokens in memory so that I am able to revoke them. // TODO: This is a temporary in memory solution that needs to be replaced with…
secondbreakfast
  • 4,194
  • 5
  • 47
  • 101
2
votes
0 answers

How to associate some session state in OAuth2 authorization

I am trying to front or "wrap" a RESTful API service application in front of a backend HTTP service. The backend service maintains authentication state via proprietary sessions. Authentication with the backend server is achieved through a…
Donovan
  • 88
  • 8
2
votes
2 answers

Spring OAuth authorization server and resource server on different servers

I am trying to configure spring boot authorization and resource server, each on a different server. The tutorial doesn't not explain how exactly to configure the resource and authorization server on different servers. If your Resource Server is a…
Adelin
  • 18,144
  • 26
  • 115
  • 175
1 2 3
47 48