Stack Overflow
Stack Overflow

Questions tagged [oauth2resourceserver]

16 questions
5
votes
0 answers

Changing a Spring oauth2ResourceServer JWT ex. to use a single secret instead of a Keypair throws an exception “Failed to select a JWK signing key”

I'm trying to implement a Spring Boot Rest backend with JWT-security, based on Springs new authorization server and this example: https://github.com/spring-projects/spring-security-samples/tree/main/servlet/spring-boot/java/jwt/login It uses…
Plaul
  • 7,191
  • 5
  • 19
  • 22
2
votes
1 answer

Spring OAuth2 resource server with Google Authorization server

I am trying to implement a simple Spring OAuth2 resource server using google as OAuth server. Basically, I've been following guides like this one spring-oauth2-with-google application.yml: spring: security: oauth2: client: …
Javier Sánchez
  • 984
  • 6
  • 7
2
votes
1 answer

Save user after success authentication

I have set up keycloak with a google identity provider. And I have set up a simple reactive spring-boot web application with spring security and MongoDB. I want to save users after they successfully pass the authorization filter. Here is my security…
eternal
  • 339
  • 2
  • 15
2
votes
0 answers

set Multiple "jwk-set-uri" for my spring resource server

I have been developing this mobile app for a long time now which uses microservices architecture on the backend ( spring boot 2.4.2 ) . I have been able to set my microservices as resource servers which validate google tokens and everything works as…
kamal essafi
  • 21
  • 1
1
vote
0 answers

Getting token claim inside security configuration

I'm trying to make security using oauth2 resource server with google as authentication provider and add custom roles from database by getting email from JWT token and searching for it in database. This is my configuration @Bean public…
Salav
  • 11
  • 2
0
votes
0 answers

Spring boot OAuth 2.0 Resource Server Introspection

I'm currently working on implementing OAuth 2.0 in a Spring Boot application with an external authorization server. My resource server is responsible for protecting resources via OAuth tokens, and I'm using Spring Security for this purpose. I have…
Fabiano Armando
  • 1
  • 1
0
votes
2 answers

SpringBoot 3 OAuth2 Resource Server missing bean of type 'org.springframework.security.oauth2.jwt.JwtDecoder'

I made an application with spring-boot-starter-oauth2-resource-server in pom.xml and a value for spring.security.oauth2.resourceserver.jwt.issuer-uri in application.properties. It works fine when I start it for the first time. Then I added a…
slt
  • 5
  • 4
0
votes
1 answer

My CustomOAuth2AuthenticationEntryPoint is not called for a JwtValidationException

I have a Spring Boot Rest backend protected with JWT, which is functioning properly with the use of oauth2ResourceServer as outlined below. @Bean public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { http …
Plaul
  • 7,191
  • 5
  • 19
  • 22
0
votes
0 answers

Role of SecretKeySpec in NimbusJwtDecoder: Spring Security and JWT

I was going through Symmetric and Assymetric Signatures for JWT in Spring Security. I came accross this video by Dan Vega- https://www.youtube.com/watchv=66DtzkhBlSA&list=PLZV0a2jwt22s5NCKOwSmHVagoDW8nflaC&index=6&ab_channel=DanVega Here, in the…
ayush
  • 464
  • 5
  • 17
0
votes
2 answers

How to get scope and roles in Oauth2/2.1 spring boot resource server?

How to get scope and roles in Oauth2/2.1 spring boot resource server? Authentication authentication = getAuthentication(); System.out.println(authentication.getAuthorities()); Authorities returns only scope. Here is my token introspect { …
Thirumal
  • 8,280
  • 11
  • 53
  • 103
0
votes
0 answers

Unable to log in to a spring boot OAuth2 Resource Server application from an angular application

I built a small spring boot application using spring-boot-starter-oauth2-resource-server. The tests work well on Postman but not on Angular. The test was working on Angular when I used spring-boot-starter-security. Here is my pom.xml file, I only…
DONGMO BERNARD GERAUD
  • 149
  • 1
  • 7
0
votes
0 answers

I have oauth2 auth server and a resource server. Resource server is only validating request with auth server once

auth server configuration @EnableWebSecurity @Configuration class WebSecurityConfig { @Bean fun securityFilterChain(http: HttpSecurity): SecurityFilterChain { http .cors { cors -> cors.disable() } .csrf {…
Botir Adoshboyev
  • 21
  • 3
0
votes
0 answers

Spring doc openapi oauth2 resource server not working

Although I have successfully authorize but when I get api 401 is there any way to fix it. Authorize swagger Execute api swageer Swagger config application.yml springdoc: version: 'v1.0' swagger-ui: oauth: …
Minh Trần
  • 13
  • 5
0
votes
1 answer

Keycloak, Nestjs - ResourceGuard always results in 403 Forbidden Error?

I have a NestJS REST API. I try to use Keycloak as Authorization Services. I want to secure the endpoints of my REST API with resources, scopes and permissions. The problem is, I get a 403 Forbidden Resource Error on every request. I try to explain…
Manuel Wolf
  • 105
  • 2
  • 8
0
votes
1 answer

SpelEvaluationException: Attempted to call method throwOnError(java.lang.Boolean) on null context object

I'm having trouble associating an accessDecisionManager to the httpSecurity configuration of my resource server and using SpEL oauth2 expressions. I think I've followed correctly what documentation and several related questions here in SO say on how…
LuisFerrolho
  • 417
  • 3
  • 13
1
2