Stack Overflow
Stack Overflow

Questions tagged [spring-oauth2]

Official tutorial: https://spring.io/guides/tutorials/spring-boot-oauth2/

708 questions
6
votes
1 answer

Why am I not getting authenticated by my Spring-Cloud Gateway / OAuth2-Client when I am sending my valid bearer-token in the authorization header?

I am developing a microservice infrastrucutre, and began by implementing a Spring Cloud Gateway to proxy all my requests. I secured my Gateway with keycloak via the spring-boot-starter-oauth2-client Dependency. I use the TokenRelay Filter to append…
smotastic
  • 388
  • 1
  • 11
6
votes
3 answers

Spring Boot Oauth2 Resource Server UserDetailsService

Trying to get a UserDetailsService working for an oauth2 resource server I set up. I'm able to successfully authenticate the jwt, but nothing I do seems to get it to call the loadUserByUsername method. This originally was using SAML and it was…
MGZero
  • 5,812
  • 5
  • 29
  • 46
6
votes
2 answers

Spring Boot Oauth2 authorization server not accepting valid tokens

I have problems setting up a simple microservice system using Spring Boot's OAuth2 capabilities. What I want to do is to set up a Spring Boot Authorization Server handling registration, authorization and user data management. Besides that, I'd like…
Eric
  • 123
  • 1
  • 10
6
votes
1 answer

OAuth2AuthenticationToken vs OAuth2Authentication

1-What is the difference between OAuth2AuthenticationToken and OAuth2Authentication? 2-In my spring boot client web application, I've used dependency "spring-boot-starter-oauth2-client" to implement (single sign on) sso with an authorization server,…
MATRIX81
  • 83
  • 8
6
votes
1 answer

Spring JdbcTokenStore doesn't store/ create tokens. (Failed to fetch token)

So I've been trying for over a week to get the JdbcTokenStore to work, but I can't seem to figure out what is wrong. I'm not using spring boot and I'll try my best to explain what I'm doing. So let's start with the database for the tokens: I'm using…
Oguzcan
  • 412
  • 6
  • 20
6
votes
1 answer

Can i append some information in oauth/check_token endpoint and retrieve it at authorization server?

Preface I am working on an OAuth application for security between two servers. I have an OAuth Server and a Resource Server. The Resource Server has a single .war deployed that contains 4 APIs. Single Responsibility The OAuth server has to…
user2252882
6
votes
1 answer

Why Spring security is based in username instead of user id?

In spring security, UserDetails uses username as an identifier of user. My user model have multiple types of identifications and have multiple ways of authentication (via email, phone number, facebook, etc). I am using…
André Abreu
  • 737
  • 7
  • 13
6
votes
3 answers

Oaut2RestTemplate with client_credentials error (anonymous not allowed)

I'm trying to access a web service which is protected by Spring Security using ResourceServerConfigurerAdapter (with Oauth2 client_credentials) Following is the security configuration //Micoservice 1 @Configuration @EnableResourceServer class…
11thdimension
  • 10,333
  • 4
  • 33
  • 71
6
votes
2 answers

Spring OAuth2: Validity Period of RefreshTokens is not renewed

I'm using the resource owner password grant with spring-security-oauth in backend. The Tokens are JWT. I would like to have short living access tokens (say 2 minutes) but long living refresh tokens( say on hour). As I understand, after the first…
Nicolas Schwarzentrub
  • 237
  • 1
  • 4
  • 15
6
votes
1 answer

How can I redirect requests from the root context "/" to custom configured "server.context-path"

I have a simple Spring Boot web app which is configured with @EnableAuthorizationServer. It is configured with server.context-path=/uaa and everything works as expected. However, when I hit the app at the URL http://localhost, I get a 404. I want to…
Michael P.
  • 651
  • 5
  • 8
6
votes
1 answer

Spring Ouath2 Registered Redirect Uri

I am using Spring OAuth2 to enable login with SoundCloud. I've have already registered my callback url. So when I am using Spring OAuth2 and set my redirect url explicitly it forced me to process it manually (by providing some controller for it). I…
Sergii Getman
  • 3,845
  • 5
  • 34
  • 50
6
votes
0 answers

RestTemplate does not follow redirects even when GET is used

I am using the RestTemplate class to get to some page, which will require redirect ( redirect to oauth 2 provider, but that probably doesnt matter ). I am doing: ResponseEntity forEntity = oAuth2RestTemplate.getForEntity(url, String.class,…
hi_my_name_is
  • 4,894
  • 3
  • 34
  • 50
6
votes
1 answer

JWE in Spring Security OAuth2 JWT

Is it possible to use JSON Web Encryption(JWE) with Spring Security OAuth2 JWT ? Right now I have a following JwtAccessTokenConverter: @Bean public JwtAccessTokenConverter accessTokenConverter() { JwtAccessTokenConverter converter = new…
alexanoid
  • 24,051
  • 54
  • 210
  • 410
6
votes
1 answer

How can I get a custom Principal object with Spring using OAuth2?

I have a Spring Boot application utilizing spring-security-jwt and spring-security-oauth2. I've got a custom User object extending UserDetails and a Custom UserDetailsService returning this object from the loadUserByUsername method. But when I…
Jim Hankins
  • 1,055
  • 1
  • 11
  • 27
6
votes
1 answer

Adding social login to native apps using spring security oauth

I've been following this link https://spring.io/guides/tutorials/spring-boot-oauth2 for implementing security to my own resource server. My final goal was to have custom login oauth server to access resource server from an android app which I've…
Heisenberg
  • 5,514
  • 2
  • 32
  • 43
1 2 3
47 48