Stack Overflow
Stack Overflow

Questions tagged [spring-security-oauth2]

Spring Security's deprecated implementation of the OAuth2 spec. For OAuth2 with Spring Security 5 use Spring Security tag. We don't get many questions on OAuth 1(a) but feel free to tag them here.

Spring Security's deprecated implementation of the OAuth2 spec. The GitHub Project and the Spring Framework Website provide support for using Spring Security 4 with OAuth (1a) and OAuth2. It provides features for implementing both consumers and providers of these protocols using standard Spring and Spring Security programming models and configuration idioms.

3166 questions
1
vote
2 answers

No provider found for class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken

I have created three application as "spring cloud gateway(8081)", "spring oauth2 auth server(8094)" and "spring oauth2 resource server(8097)". When I want to request to resource server, first I need to request gw, it forwards to oauth server and I…
denizg
  • 828
  • 9
  • 18
1
vote
1 answer

War File creates a duplicate dependency

I'm trying to do mvn clean install and the package to creates a war file to be deployed on Tomcat server but the thing is these jars below are getting created even after deleting the related dependency (...\WEB-INF\lib ) file…
Duaa
  • 77
  • 3
  • 10
1
vote
0 answers

Problem with fetch from frontend ReackJS with Spring api, using ouath, problem with "error_description":"Missing grant type""

I have problem with fetch() from REACTJS on frontend but when I use postman everything is good. When I use postman i have response like this -> "access_token":…
Paweł O
  • 19
  • 2
1
vote
2 answers

What's the Spring Security 5.2 / WebClient way of using username & password to connect to another service?

We currently have several Spring Boot applications connecting to other services using a service account. Till now we used the AccessTokenRequest of the OAuth2ClientContext on a RestTemplate to put the user and password of the service account in and…
JeroenV
  • 53
  • 2
  • 10
1
vote
0 answers

Spring Webflux -Security: How to let Spring return 401 (UNAUTHORIZED) exception when jwt token expired or wrong

Below is code which authorise JWT token (Keyclock) but in case of exception , server never returns 401 @EnableWebFluxSecurity public class SecurityConfig { @Bean public SecurityWebFilterChain securityWebFilterChain(final ServerHttpSecurity…
user1126046
  • 37
  • 1
  • 2
  • 9
1
vote
0 answers

@EnableOAuth2Sso and @EnableResourceServer (client and resource behavior in the same app)

I know that there are some similar topics but they are about implementation difficulties, whereas my question is more architect wise. And it is generally not springframework related. Let's say there is an application that implements both…
Olegdelone
  • 189
  • 4
  • 15
1
vote
0 answers

spring OAuth2 service to service client credentials

I have a set of services behind a zuul gateway, one of which is the auth server. I have it configured to parse the jwt with a jwk set from the auth server at /.well-known/jwks.json for users on each service with a password grant to access simple…
NotTim
  • 11
  • 3
1
vote
1 answer

Spring OAuth2 Resource Server - user-name-attribute not reflected in SecurityContextHolder

I have a claim named user_name within my JWT and also corresponding user-name-attribute set as user_name in spring security oauth2 client provider proper…
m52509791
  • 449
  • 5
  • 13
1
vote
1 answer

Is it possible to get the ClientDetails in TokenEnhancer

I've configured some additional_information in the oauth_client_details table which i need to send as a additional data in access token response. Tried calling OAuth2AccessToken.getAdditionalInformation() which is giving empty Also can somebody…
Ravi MCA
  • 2,491
  • 4
  • 20
  • 30
1
vote
2 answers

Spring - oauth 2 - Cannot convert access token to JSON

I am trying to validate an access token on a resource server. jwt.io validates the access token with the signature, so I guess the problem is spring configuration This is my pom.xml
user60108
  • 3,270
  • 2
  • 27
  • 43
1
vote
0 answers

Add custom parameters to Spring Security oAuth2 login

I have a web-app written in Java using Spring as a back-end framework. I implemented the login through Facebook and Google using Spring Social OAuth2. I was wondering if there was a way to pass extra parameters to the login…
Stefano Sambruna
  • 767
  • 2
  • 10
  • 29
1
vote
1 answer

Configure Client Credentials Flow with spring gateway and Oauth2

I have some problems with the configuration of the Client Credentials flow in my Client app (My Spring Gateway). My Authorization server is functional and tests with Postman without any problem. But in my Client application, it seems that the oauth2…
Jeremy Caillié
  • 101
  • 2
  • 11
1
vote
1 answer

Adding "nonce" value to token response of spring authorization server

I am trying to implement authorization server with spring security 5.1. But I have a problem. I have implemented a custome token enhancer to add id_token in token response to match OIDC scope and it is working fine. But the problem started when the…
Jose Loor
  • 205
  • 5
  • 18
1
vote
1 answer

Spring Boot OAuth Ressource Server Proxy Configuration

I am currently struggeling using a proxy in combination with Spring-Webflux. In other services I always followed this approach, which worked perfectly (proxy configuration is retrieved from standard environment variables): @Bean public RestTemplate…
SebastianK
  • 712
  • 4
  • 19
1
vote
0 answers

OAuth2 Authentication Webservice call BackEnd Client

Scenario: Have an application A that makes webservice calls to service on the other application. Everything is backend no UI. We are trying to do OAuth2/OpenId Authentication for this B2B communication. I am looking for some client which can take…
Jack
  • 11
  • 2
1 2 3
99 100