Stack Overflow
Stack Overflow

Questions tagged [spring-oauth2]

Official tutorial: https://spring.io/guides/tutorials/spring-boot-oauth2/

708 questions
3
votes
1 answer

Spring OAuth2 server cannot refresh token with Resource owner credentials (password) grant flow

I have configured an OAuth2 authorisation server with spring security oauth, using jwt tokens: @Configuration @EnableAuthorizationServer public class OAuth2AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter { ... @Override …
Archie
  • 962
  • 2
  • 9
  • 20
3
votes
1 answer

How to validate facebook authorization token and sign up user using Spring(java)

I am developing an app whose frontend is written using React.js and the backend REST API is written using the Spring framework. I wanted to add social logins to my website, so after days of googling and research, I understood that OAuth2 is the…
The Coder
  • 3,447
  • 7
  • 46
  • 81
3
votes
0 answers

Spring Boot OAuth org.springframework.web.client.HttpClientErrorException$Unauthorized: 401 null

I am following a pluralsight tutorial, but even copying the code from the source it still gives HttpClientErrorException$Unauthorized: 401 error. The application that acts as server has in application.properties…
Oana-Elena Danescu
  • 91
  • 1
  • 8
3
votes
1 answer

Spring OAuth2 Custom Authentication Manager ClassCastException

i've a big problem and no idea how to solve it... I need to use customAuthenticationManager for third party log-in in my spring boot application, but when i declare custom authenticator i get : Handling error: ClassCastException, java.lang.String…
Krystian Fiertek
  • 93
  • 2
  • 8
3
votes
0 answers

Saml Bearer Assertion on OAuth Client to Server for authorization code grant

I want to implement SAML for authentication of user and OAuth to protect the API resources I developed. From bunch of readings I believe SAML bearer assertion workflow is what I am looking for. (Kindly correct me if it is wrong or any other…
user8453102
3
votes
1 answer

Spring Security OAuth2 Resource Server retry/resilience

I’m developing a Resource Server using Spring Security OAuth2(http://projects.spring.io/spring-security-oauth/docs/oauth2.html) which interacts with Authorization Server to retrieve/validate Auth Tokens. The OAuth Flow used here is ‘client…
Haran
  • 1,040
  • 2
  • 13
  • 26
3
votes
1 answer

If resource server are supposed to be stateless, how to send message to queue with websocket

I am currently working in messaging system, where resource server is stateless with oAuth 2. Now, i have to send a message to single user with a queue but problem is that spring messaging needed a session in other to send a messaging as described in…
shree
  • 304
  • 1
  • 12
3
votes
0 answers

Spring boot Openid Connect refresh token

I am new to Spring Boot and OpenID Connect. I am following this article and successfully authenticated the user and created the session in my Spring boot application. Now I am stuck on implementing these two requirements: How do I use refresh…
Rak2018
  • 935
  • 6
  • 16
3
votes
1 answer

Connect Spring Authorization server to external IDP and trigger authentication

We created an authorization server with JDBC backend token store. A similar implementation is hosted on GitHub. It is working perfectly fine in our environment using different grant types. Different web applications use this for SSO, and it issues…
Rahul Kargwal
  • 487
  • 1
  • 5
  • 20
3
votes
2 answers

Authenticate client id and client secret on Spring oauth/token request with LDAP

I'm investigating how the client id and client secret can be authenticated with LDAP. Note: this Kotlin code... @Configuration @EnableAuthorizationServer class OAuth2AuthorizationServerConfig() : AuthorizationServerConfigurerAdapter() { I'm…
BBB
  • 31
  • 4
3
votes
1 answer

Oauth2 authentication with Spring boot

Hi I am really new to Spring boot and Oauth2. I need to understand how to authenticate Spring boot web service with Oauth2 authentication with refresh token and access tokens. Likewise I need to know how to limit the access of different users…
Kepler
  • 399
  • 1
  • 7
  • 19
3
votes
0 answers

Spring oauth default token caching?

I haven't been able to find the documentation for Spring-managed tokens, and how to cache them. The below code triggers an auth call to get the token EVERY time I call the remove service. I'm using Spring OAuth with default configuration as…
Andrei
  • 513
  • 2
  • 8
  • 15
3
votes
1 answer

Using WebSecurityConfigurerAdapter with Spring OAuth2 and user-info-uri

I have created an Authorization service as follows @SpringBootApplication @EnableAuthorizationServer public class AuthorizationApplication { ... } With this…
alayor
  • 4,537
  • 6
  • 27
  • 47
3
votes
1 answer

spring-security returns 401 despite authorizeRequests().anyRequest().permitAll()

I'm using spring-security and spring-security-oauth2 (JWT access tokens) for authentication and authorization. The idea is to let all requests through, but to be able to distinguish between authenticated users and unauthenticated users. As soon as I…
msp
  • 3,272
  • 7
  • 37
  • 49
3
votes
0 answers

Alexa keeps asking for account linking

I've got an alexa skill configured with Auth Code Grant account linking. After the user token expires, alexa asks again for account linking and, as far as I understand from all the setup, Alexa should renew the token form my oauth server. any ideas…
eduyayo
  • 2,020
  • 2
  • 15
  • 35
1 2 3
47 48