I’m trying to make a working demo using Spring Boot as a Resource Server and Keycloak as an Authorization Server. Here is project code snippets: pom.xml App.java AppRestController.java application.properties I’m running Keycloak on the port 8083. Get request to the http://localhost:8083/realms/rea…
Tag: oauth-2.0
Secure a Java web app using the Spring Boot Starter for Azure Active Directory JWT token algorithm problem
I’m created java web application using spring boot starter for azure active directory step by step like is described in:https://learn.microsoft.com/en-us/azure/developer/java/spring-framework/configure-spring-boot-starter-java-app-with-azure-active-directory My application with my azure account work fin…
OAuth2 authorization code flow: spring-security does not accept the issued access_token
I am learning the OAuth2 authorization code flow. I have my own Authorization Server (AS) which is OpenAM 7.1. The Client is a simple Spring-Boot web application with a static HTML page, I use Spring-Security to protect the HTML page and control the Oauth2 flow. I think that my Authorization Server configurat…
PKIX path building failed in OAuth Authentication in Java
I am trying to Authenticate in discogs: https://www.discogs.com/developers/#page:authentication,header:authentication-oauth-flow on the Point 2: SEND A GET REQUEST TO THE DISCOGS REQUEST TOKEN URL, I get this: on the POINT 3: REDIRECT YOUR USER TO THE DISCOGS AUTHORIZE PAGE, I’ve created this piece of c…
Get access token using Spring Security with a specific use-case
Is this use-case supported for Spring Security 5, or something else, where we don’t have to reinvent the wheel? Thoughts on how to (re)implement this better? Details are as follows. 3rd party vendor supplied endpoints. We pull info from upstream source then forward to the downstream vendor. Only 2 APIs …
How can I make my spring boot application to log in to keycloak with given username and password?
I have a spring-boot application and I am using keycloak to authenticate users. I am planning to make an endpoint in my application that waits a username and a password, it logs-in to keycloak and if the username/password is valid ask for an access token and give it back to the user. How can I make this log-i…
Spring 5 Oauth2 – How to provide the check token URL in my Resource server?
I need some help.. I set up an AuthorizationServer using @EnableAuthorizationServer from Spring-security-oauth2 for grant type “client_credentials”. Able to create, check tokens and everything good with this. /oauth/token /oauth/checkToken Followed this sample for Authorization server I have a sep…
com.google.api.client.auth.oauth2.TokenResponseException: 400 Bad Request (Eclipse)
I have been stuck at “Deploy to APP Engine” from Eclipse, and following error message always popped up. Possible actions what I can think of were taken but all failed. Here is my situation what I have right now. Application(Java Servlet) run normally in debug level “Deploy to App Engine̶…
Cannot pass JWT refresh token as an argument
I’m trying to get a new access token using a refresh token in Spring Boot with OAuth2. It should be done as following: POST: url/oauth/token?grant_type=refresh_token&refresh_token=…. It works fine if I’m using InMemoryTokenStore because the token is tiny and contains only digits/letters …
Spring Boot – set default HTTP Oauth2Login() registration/provider
New to spring boot and I’m working on an application that already had some Oauth2 authentication done for signing in with azure. I was tasked with setting up some auth for another API and now I have two registrations(client id/secret/grant-type) in my application-local.properties. example of login promp…