I followed the following guide to setup a JHipster generated Gateway with Amazon Cognito: https://blog.ippon.tech/aws-cognito-and-jhipster-for-the-love-of-oauth-2-0/
I got the gateway working great and I'm able to log in into the admin module using Cognito however I am not able to invoke any of the microservices. Any attempt is met with the following error:
java.lang.NullPointerException: null at com.test.security.oauth2.AudienceValidator.validate(AudienceValidator.java:26) at com.test.security.oauth2.AudienceValidator.validate(AudienceValidator.java:13) at org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator.validate(DelegatingOAuth2TokenValidator.java:67) at org.springframework.security.oauth2.jwt.NimbusJwtDecoder.validateJwt(NimbusJwtDecoder.java:165) at org.springframework.security.oauth2.jwt.NimbusJwtDecoder.decode(NimbusJwtDecoder.java:126) at org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationProvider.authenticate(
Debugging show that audience variable is null in the following code:
public OAuth2TokenValidatorResult validate(Jwt jwt) {
List<String> audience = jwt.getAudience();
if (audience.stream().anyMatch(allowedAudience::contains)) {
return OAuth2TokenValidatorResult.success();
} else {
log.warn("Invalid audience: {}", audience);
return OAuth2TokenValidatorResult.failure(error);
}
}
I've configured the microservice's application.xml with the following:
security:
oauth2:
client:
provider:
oidc:
issuer-uri: https://cognito-idp.us-east-1.amazonaws.com/[secret]
registration:
oidc:
client-id: [secret]
client-secret: [secret]
Has anyone been able to successfully run a jHipster generated microservices platform with Amazon Cognito? Any help would be greatly appreciated.
