Official tutorial: https://spring.io/guides/tutorials/spring-boot-oauth2/
Questions tagged [spring-oauth2]
708 questions
0
votes
2 answers
How to integrate AngularJS and Spring-OAuth2?
I have developed Spring-Rest APIs using Spring-Boot-1.3.1. Then I have provided Spring-OAuth2 Security for those APIs. This resides as asingle project in Apache Tomcat.
APIS I developed:
GET -> /api/articles
GET -> /api/articles/1
POST ->…
user5572128
- 19
- 7
-1
votes
0 answers
OAuth authorization server is not able to handle the Oauthclient
I am working on OAuth security. OAuth client config file has a problem in bean SecurityFilterChain, giving many errors.
Here are my files.
config file
@EnableWebSecurity
public class WebSecurityConfig {
private static final String[]…
loner00
- 7
- 3
-1
votes
0 answers
Allow unauthenticated access to certain endpoints with Spring Security 6 and Spring OAuth2 resource server
Problem
I have an API which I need to secure using Spring Security 6 (using Spring Boot 3.1.1) and I am also using Spring OAuth Resource Server. All endpoints must be secured, except for those that start with /api and /auth prefixes.
#…
Arthur Klezovich
- 2,595
- 1
- 13
- 17
-1
votes
1 answer
How to get the granted authorities/roles from custom OIDC claim using spring oidc/oauth2 (AWS cognito)
OK so I have a basic oauth2/oidc configuration in spring/spring boot. The authentication stuff all seems to be working reliably with minimal configuration until I attempt to access the roles. When I look at my granted authorities of my logged in…
user9221321
- 19
- 2
-1
votes
1 answer
How to protect outgoing API calls with OAuth2 authorization in Spring Boot microservices while keeping incoming API calls unprotected?
I have two Spring Boot services, S1 and S2, both with their own API endpoints. S1 is protected with OAuth2 client credentials, so I have configured S2 as an OAuth2 client and am using WebClient to make API requests on S2. To achieve this, I added…
Jithin M V
- 175
- 1
- 1
- 10
-1
votes
1 answer
spring-authorisation-server and email adresses inside user details
So some after fighting with spring-authorisation-server,
it now mostly works behind the oauth2-proxy.
One final problem is now, that the oauth2-proxy is not happy,
that there is no email adress provided during the flow.
But i haven't found anything…
Andreas
- 71
- 4
-1
votes
1 answer
Spring-Security with OAuth2Login & CustomAuthenticationProvider
In my case I have an OAuth2 login with a CustomAuthenticationProvider.
Now I have the problem that the CustomAuthenticationProvider is not called and I don't know why.
The login works so far without problems.
My properties that I have set for the…
npriebe
- 111
- 3
- 10
-1
votes
1 answer
spring security oatuh2: how to validate without authorization server
A question has arised to me when I've tried to use spring-boot-starter-oauth2-resource-server dependency and set up my service as a oauth2 resource service.
I've configured spring oauth2 resource server without…
Jordi
- 20,868
- 39
- 149
- 333
-1
votes
1 answer
Controllers returning default login html page after adding Spring Oauth2 Client dependency
I'm new to spring security. I have a custom oauth 2.0 provider. I was trying to create an end point "/test"(doesn't use oauth 2.0) which will hit another end point x(x uses oauth 2.0). Here is the code that I wrote to get started…
Sarthak
- 57
- 6
-1
votes
1 answer
What's the best way to authenticate / autorize a server using Oauth 2?
I have a server server1 that exposes an API which returns a list of purchased items. This API is protected by OAuth2. A user needs to be authenticated and have the role 'ROLE_SUPERVISOR' to access this API.
I want to be able to call this API from…
brianny
- 1
-1
votes
2 answers
Spring OAuth2.0 auth server is slow
My spring OAuth2.0 authorization micrservice is extremely slow. It takes 450+ms to check a token.Generating tokens takes 1.6s and above. What could be the reason? How can I improve the performance of my microservice ?
Details:
Auth and…
Sachin Titus
- 1,960
- 3
- 23
- 41
-1
votes
1 answer
SpringBoot 1 vs 2 and Spring Oauth2- Password Grant and Client Secret
Does anybody know how the versioning in SpringBoot and Spring Oauth2 works?
When I change the versions of SpringBoot and Spring Oauth2 I go from getting valid access and refresh tokens to an "unauthorized" error . I am using…
BlackLog
- 301
- 1
- 5
- 17
-1
votes
1 answer
How to disable default Spring OAuth2 REST APIs?
We use the following version of spring-security-oauth2:
org.springframework.security.oauth
spring-security-oauth2
2.0.11.RELEASE
When…
dso
- 109
- 10
-1
votes
2 answers
sprin mvc 5 rest + aouth 2 + angular 6 - oauth/token ‘Access-Control-Allow-Origin’ missing
i'm starting an app with spring mvc 5 & angular 6, when i try to get the token by sending a post request with angular it show in my browser console this message:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote…
Djamel Kr
- 759
- 1
- 4
- 14
-1
votes
1 answer
How do you use a non-password grant type in Spring Security Oauth2?
I see that Spring Security Oauth2 has different grant types:
https://projects.spring.io/spring-security-oauth/docs/oauth2.html#grant-types
How do you use a grant type that is not password?
I currently have password based authentication working.
$…
Chloe
- 25,162
- 40
- 190
- 357