Stack Overflow
Stack Overflow

Questions tagged [spring-oauth2]

Official tutorial: https://spring.io/guides/tutorials/spring-boot-oauth2/

708 questions
46
votes
4 answers

App domains must match the domain of the Facebook Web Games URL (https), Mobile Site URL, Unity Binary URL, Site URL or Secure Page Tab URL

I am developing Spring Boot + Facebook Integration example. In this example, I've created an at app https://developers.facebook.com/. The screen shot of the created app shown below. Also when I was passing the Domain name I am getting the below…
user5778069
36
votes
1 answer

Relation between WebSecurityConfigurerAdapter and ResourceServerConfigurerAdapter

I'm trying to integrate Spring OAuth2 into Spring MVC REST. Most of the Spring OAuth2 examples, there is only ResourceServerConfigurerAdapter and some of have WebSecurityConfigurerAdapter as well. I'm not going to integrate OAuth with Google,…
sura2k
  • 7,365
  • 13
  • 61
  • 80
30
votes
3 answers

Official Spring security oauth2 example doesn't work because of cookies clashing(authorization code mechanism)

According the tutorial Spring Boot and OAuth2 I have following project structure: And following source code: SocialApplication.class: @SpringBootApplication @RestController @EnableOAuth2Client @EnableAuthorizationServer @Order(200) public class…
gstackoverflow
  • 36,709
  • 117
  • 359
  • 710
27
votes
1 answer

How to use AuthorizationServerSecurityConfigurer?

I am looking at a Spring boot project which has this code: public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception { oauthServer .tokenKeyAccess("permitAll()") …
KZcoding
  • 1,417
  • 4
  • 16
  • 26
27
votes
6 answers

How to get custom user info from OAuth2 authorization server /user endpoint

I have a resource server configured with @EnableResourceServer annotation and it refers to authorization server via user-info-uri parameter as follows: security: oauth2: resource: user-info-uri: http://localhost:9001/user Authorization…
S. Pauk
  • 5,208
  • 4
  • 31
  • 41
24
votes
2 answers

HttpSession null after replacing AuthorizationRequest

Complete code and instructions to quickly reproduce the problem are given below. THE PROBLEM: The HttpSession becomes null after a custom implementation of DefaultOAuth2RequestFactory replaces the current AuthorizationRequest with a saved…
CodeMed
  • 9,527
  • 70
  • 212
  • 364
20
votes
5 answers

How to logout oauth2 client in Spring?

I have the simplest oauth2 client: @EnableAutoConfiguration @Configuration @EnableOAuth2Sso @RestController public class ClientApplication { @RequestMapping("/") public String home(Principal user, HttpServletRequest request,…
gstackoverflow
  • 36,709
  • 117
  • 359
  • 710
19
votes
3 answers

Java 17 Cannot invoke "java.lang.reflect.Method.invoke(Object, Object[])" because com.sun.xml.bind.v2.runtime.reflect.opt.Injector.defineClass is null

I have small project in spring boot with oauth2, i want to run resource server settings: Java 17 spring-boot-starter-parent version 2.5.6 spring-cloud-dependencies version…
kgajda
  • 225
  • 1
  • 2
  • 5
16
votes
4 answers

Add custom UserDetailsService to Spring Security OAuth2 app

How do I add the custom UserDetailsService below to this Spring OAuth2 sample? The default user with default password is defined in the application.properties file of the authserver app. However, I would like to add the following custom…
CodeMed
  • 9,527
  • 70
  • 212
  • 364
16
votes
2 answers

How to implement OAuth2 "Token Exchange" with Spring Cloud Security

I would like to know if someone has an example to see how to implement "Token Exchange" technique with Spring Cloud Security (with OAuth2). Currently I have implemented "Token Relay" technique in a Microservices Environment using ZuulProxy to…
miguelfgar
  • 311
  • 1
  • 3
  • 9
15
votes
1 answer

How do /oauth/authorize and /oauth/token interact in Spring OAuth?

I am doing an in-depth study of Spring OAuth, and I found some conflicting information. Specifically, this tutorial states that the /oauth/token endpoint handles the username and password before granting a refresh token to the client app. By…
CodeMed
  • 9,527
  • 70
  • 212
  • 364
14
votes
1 answer

Accessing a Spring OAuth 2 JWT payload inside the Resource Server controller?

I'm going through this tutorial on how to setup spring boot oauth with jwt. It covers decoding the JWT token using Angular, but how do we decode it and get access to custom claims inside the Resource Server controller? For example with JJWT it can…
Ole
  • 41,793
  • 59
  • 191
  • 359
14
votes
3 answers

Store token from OAuth2 server in cookie using Spring OAuth

Is there any configuration provided by Spring OAuth2 that does the creation of a cookie with the opaque or JWT token? The configuration that I've found on the Internet so far describes the creation of an Authorization Server and a client for it. In…
Juan Vega
  • 1,030
  • 1
  • 16
  • 32
14
votes
2 answers

Invalid XSRF token at /oauth/token

Complete code for a Spring OAuth2 implementation of Multi-Factor Authentication has been uploaded to a file sharing site at this link. Instructions are given below to recreate the current problem on any computer in only a few minutes. **CURRENT…
CodeMed
  • 9,527
  • 70
  • 212
  • 364
13
votes
2 answers

Spring Boot 2 and OAuth2/JWT configuration

I'm trying to port my Spring boot 1.5 application to Spring Boot 2 Right now I'm unable to obtain OAuth2 access token. This is the code I have successfully used with Spring Boot 1.5: public static String loginAndGetAccessToken(String username,…
alexanoid
  • 24,051
  • 54
  • 210
  • 410
1
2 3
47 48