Questions tagged [spring-oauth2]

Official tutorial: https://spring.io/guides/tutorials/spring-boot-oauth2/

708 questions
5 votes, 0 answers

Add custom endpoint to Spring OAuth2 Authorization Server

I am interested in adding a custom rest endpoint to my OAuth2 Authorization server. I want to add a registration endpoint that my UI resource server can call, register a user, and get back a token all in one shot (auto login on registration). I…
5 votes, 6 answers

Spring security OAuth2 accept JSON

I am starting with Spring OAuth2. I would like to send the username and password to /oauth/token endpoint in POST body in application/json format. curl -X POST -H "Authorization: Basic YWNtZTphY21lc2VjcmV0" -H "Content-Type: application/json" -d…
Jakub Kopřiva
5 votes, 0 answers

Spring security oauth2 resource server failing to call authorization server

I am trying to set up an oauth2 environment with client, resource and auth server running at 3 different places. Login happens fine. But when I try to access any resource via the client server I am getting error. I have defined the error at the…
5 votes, 6 answers

Spring oauth2 hasRole access denied

I am really new to OAuth2 and trying to build one server in roles auth.server for authorizing users and one keeping a protected resource... I've got issues to secure with the ResourceServerConfigurerAdapter. It seems like he is ignoring all its…
David Steiman
4 votes, 2 answers

How to use custom auth header with spring boot oauth2 resource server

I'm configuring spring cloud api gateway to support several security chains. To do that I'm using several security filter chains which are triggered on specific security header presence: The legacy one which already uses Authorization header And new…
4 votes, 0 answers

Custom authenticationProvider with Spring Authorization Server

I'm migrating a microservice built on Spring Boot from Spring Security OAuth 2 (2.5.5) to Spring Security 5. For resource servers, this is easily done following many of the tutorials found online. Problem arises when there's Authorization server…
4 votes, 1 answer

Configure Spring Gateway with Spring Authorization Server

I have Spring Gateway application with the following Gradle dependencies: implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-gateway' implementation 'com.netflix.eureka:eureka-core' implementation…
Peter Penzov
4 votes, 1 answer

How to configure OAuth2ResourceServer and OAuth2Client in the same application?

My application consists of an Angular UI and a Spring backend. Both are bundled together and deployed on the same server. I am new to Spring Security/OAuth2, and I find it very confusing. I will be exposing a few APIs which could be consumed…
4 votes, 0 answers

Spring Boot as a resource server (JWK validation) & Angular/Cordova as front end - OAuth2 for social Login (Facebook & Google) support

I am stuck with the implementation of spring boot as a resource server for multiple authorization servers for validating the access/id tokens provided by authorization servers (such as google, facebook via front end libraries). Here is the…
4 votes, 2 answers

Webflux - Spring Boot - oAuth2 client with http proxy support

I'm struggling to correctly set up the webflux-webclient with oauth2 behind a proxy. It seems that the ServerOAuth2AuthorizedClientExchangeFilterFunction uses a new instance of a webclient, which doesn't contain my…
Weso
4 votes, 2 answers

Spring boot 2 add Interceptor before Security Interceptors

How can I add a custom interceptor (I need to log request data when security oauth aborts the request) before the Spring Security check interceptors?
Igor Fedorov
4 votes, 1 answer

Why the same password does not match by the PasswordEncoder?

I did a lot of tests, and I can't find the way to make it work. With the following basic spring-boot project, you can test how, even when the passwords are the same, the match method always returns false. pom.xml
4 votes, 1 answer

AntMatcher and contextPath for API security

I have spring boot application. I have configured OAuth2 - both authorization and resource servers (separated). In the resource server (application.properties) I have: server.servlet.context-path=/api as well…
user3529850
4 votes, 0 answers

Access logging in Spring Security with Spring Boot OAuth2

I'm using the Spring Boot OAuth2 (https://projects.spring.io/spring-security-oauth/docs/oauth2.html), making my own authorization server. I haven't found a way to provide a coherent access log for users that hit /oauth/token, I'm wanting both…
Jeff Walker
4 votes, 1 answer

How to add a header into `AuthenticationKeyGenerator`?

Context: Multiple devices can use the same client credentials and as a result they share tokens, which can lead to race conditions when 2 or more devices try to refresh token. Device identification can be found in headers, so custom…