I have an ouath2 module, server running on port 9999, and when I request "localhost:9999/oauth/token" I do get the token.
However, even the auth server and the REST endpoints are in the same project (different modules, but they know about each other), the controllers seem to not care if the request holds a token.
Now, here comes the interesting stuff:
If I add this code to my application.yml, the controllers do not care about the auth at all.
security:
basic:
enabled: false
oauth2:
client:
client-id: acme
client-secret: acmesecret
access-token-uri: http://localhost:9999/oauth/token
user-authorization-uri: http://localhost:9999/oauth/authorize
resource:
user-info-uri: http://localhost:9999/user
token-info-uri: http://localhost:9999/oauth/check_token
auth:
server:
url: http://localhost:9999/oauth/check_token/
clientId: acme
clientSecret: acmesecret
oauth2:
resource:
userInfoUri: http://localhost:9999/user
But, when I remove it and try to request the controller I get this:
{
"timestamp": 1472114046044,
"status": 401,
"error": "Unauthorized",
"message": "Full authentication is required to access this resource",
"path": "/gamification/api/ebubo"
}
Any ideas? Anyone?
#ComponentScan("the_actual_package") was missing
Related
I want spring cloud gateway to redirect a request received at "/fetchRoute" to a service api running at "http://localhost:9090/getRoutes".
My application.yml file looks like this:
server:
port: 8080
spring:
cloud:
gateway:
routes:
- id : Routes
uri: http://localhost:9090/getRoutes
predicates:
- Path=/fetchRoute
When I hit "http://localhost:8080/fetchRoute" (Gateway service is running on localhost:8080) from postman I am getting the following error
{
"timestamp": "2022-07-20T12:56:34.802+00:00",
"status": 404,
"error": "Not Found",
"path": "/fetchRoute"
}
I tried hitting "http://localhost:9090/getRoutes" directly and it's working properly so it's not an issue with the service
I wrote the apple login function and was in the process of testing, but the error OAuth2AuthenticationException: [authorization_request_not_found] occurred.
applcation.yml
registration:
apple:
authorization-grant-type: authorization_code
client-id: client-id
client-secret: client-secret
client-name: apple
client-authentication-method: POST
redirect-uri: 'https://ip.jp.ngrok.io/{action}/oauth2/code/{registrationId}'
scope:name, email
provider:
apple:
authorization-uri: https://appleid.apple.com/auth/authorize?response_mode=form_post
token-uri: https://appleid.apple.com/auth/token
jwk-set-uri: https://appleid.apple.com/auth/keys
user-name-attribute: name
the result of this redirect me to https://ip.jp.ngrok.io/login/oauth2/code/apple
but it is Whitelabel Error Page
Please help me solve this error.
Micronaut is used in one of my projects. I am enabling JWT security feature of micronaut with built in login, logout controllers. But when I hit /login endpoint, it gives me below error:
Access to XMLHttpRequest at 'micronaut-login-endpoint' from origin 'front-end-enpdpoint' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Snippet from application.yml:
micronaut:
application:
name: app-name
server:
port: *port*
cors:
enabled: true
configurations:
web:
allowedOrigins:
- *front-end-enpdpoint*
allowedHeaders:
- Content-Type
allowedMethods:
- POST
- GET
- OPTIONS
security:
enabled: true
endpoints:
login:
enabled: true
logout:
enabled: true
oauth:
enabled: true
token:
enabled: true
jwt:
enabled: true
Can someone help me with this issue?
Can someone from the micronaut core community like #Jeff-Scott-Brown please help me?
I recently faced this issue and I was able to tackle this using this issue thread.
So, following this mdn CORS article. I found out there are two types of CORS requests, simple and preflighted. In case of auth the Authorization header is modified which requires preflighted requests. In preflighted, an http OPTIONS(http method) request is made to the server to confirm its identity. Now micronaut does not have an options end point which can be tackle by just creating the OPTIONS controller as mentioned in the github issue.
i have developed the micro service application, in that application there is a service call user service which is running on port 8281. This service handle the authentications. when i test the service in local environment this is worked fine. But if i call this service using zuul api gateway this is not working. following property in the application.yml file is use to get the redirect url in the local environment. This is worked fine.
security:
oauth2:
client:
registration:
google:
redirectUri: "http://localhost:8281/oauth2/callback/google"
But if i change this property as follow for connect with zuul api gateway.
security:
oauth2:
client:
registration:
google:
redirectUri: "http://localhost:8080/api/user/oauth2/callback/google"
This is not working and is throw this error message [authorization_request_not_found]. localhost:8080 is the zuul api gateway. zuul has configure to forward request to user service like this.
zuul:
prefix: /api
routes:
auth-service:
path: /user/**
serviceId: USER-SERVICE
stripPrefix: true
sensitiveHeaders: Cookie,Set-Cookie
so why this error is thrown ?
Im using spring cloud, in the following layout:
registry server
oauth2 server
zuul proxy
a simple crud microservice
On the crud service, Im trying to authenticate against my oauth2 server using
security:
oauth2:
resource:
loadBalanced: true
userInfoUri: http://auth_service/users/current
I can fetch the token from the oauthserver, but when I use the token to request the crud service I got
2017-01-07 10:46:02.638 INFO 16186 --- [nio-9001-exec-4] o.s.b.a.s.o.r.UserInfoTokenServices : Getting user info from: http://auth_service/users/current
2017-01-07 10:46:02.639 INFO 16186 --- [nio-9001-exec-4] o.s.b.a.s.o.r.UserInfoTokenServices : Could not fetch user details: class java.lang.NullPointerException, null
If I change the oauth client to hit the oauth server without the loadBalanced option, it works fine
security:
oauth2:
resource:
userInfoUri: http://localhost:4444/auth_service/users/current #through zuul proxy
I tried to debug, but this nullpointer exception occurs very deep on rest template implementations. Please, I need some help here.
I have something like this in mine try this configuration to see if it might work.
zuul:
routes:
user-service:
path: /user/**
stripPrefix: false
security:
# Disable Spring Boot basic authentication
basic:
enabled: false
oauth2:
client:
accessTokenUri: http://<zuulHostname>/user/oauth/token
userAuthorizationUri: http://<zuulHostname>/user/oauth/authorize
...
Kindly check the token that you are getting does it have complete information about the user. Most importantly the userName. It should be set when you generate the token. You can see what information is in the token by parsing the token here