Spring Resource Server with OAuth2 to relay access token

Question

I have a Spring Boot Resource Server protected with OAuth2 (KeyCloak). I can access endpoints with Bearer Token. Now, I want to call another service protected by the Auth Server. I would like to relay the token. I could not find a clear guide as to how to do it.

My dependency is:

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
</dependency>

My application.yml is like:

spring:
  security:
    oauth2:
      resourceserver:
        jwt:
          issuer-uri: <info>

I am trying to create OAuth2RestTemplate like:

    @Bean
    public OAuth2RestTemplate oauth2RestTemplate(OAuth2ClientContext oauth2ClientContext, OAuth2ProtectedResourceDetails details) {
        return new OAuth2RestTemplate(details, oauth2ClientContext);
    }

But I am getting error:

required a bean of type 'org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails' that could not be found.

How can I fix this?

score 0 · Answer 1 · answered Sep 14 '20 at 14:30

After a lot research and many trial-and-error, the solutions I came up is:

Add dependency

        <dependency>
            <groupId>org.springframework.security.oauth.boot</groupId>
            <artifactId>spring-security-oauth2-autoconfigure</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-jwt</artifactId>
            <version>1.1.1.RELEASE</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
        </dependency>

And

@EnableOAuth2Client

In application.yml, I aded

security:
  oauth2:
    keycloak:
      clientId: <CLIENT_ID>
      clientSecret: <CLIENT_SECRET>
      grantType: client_credentials
      accessTokenUri: <URI>
      userAuthorizationUri: <URI>
      scope: openid profile email

Configuration


    @Bean
    @ConfigurationProperties("security.oauth2.keycloak")
    protected OAuth2ProtectedResourceDetails keycloakOAuth2Details() {
        return new ClientCredentialsResourceDetails();
    }

    
    @LoadBalanced
    @Bean
    public OAuth2RestTemplate restTemplate(RestTemplateCustomizer customizer) {
        OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(keycloakOAuth2Details);
        customizer.customize(restTemplate);
        return restTemplate;
    }

I am not sure whether the depency it all necessary.

Hey Ranpa, why do we need to add those values to app.properties... shouldn't we be using the resource server only. I think this implies that I shouldn't be adding no client Id etc... — Marianne Abdelmalek, Feb 16 '21 at 15:59

Spring Resource Server with OAuth2 to relay access token

1 Answers1