Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Spring OAuth + JWT -- /oauth/token

Tags:

spring

jwt

spring-security

spring-security-oauth2

I'm trying to configure my spring application to use JWT using https://github.com/spring-projects/spring-security-oauth. I've exposed a bean for ConsumerTokenServices backed by a JwtTokenStore, but hitting /oauth/token doesn't give me a JWT.

$ curl localhost:8643/contextpath/oauth/token?grant_type=client_credentials -u user:password` {"access_token":"a78a6225-78d5-4cb8-9393-6c0b567a6f24","token_type":"bearer","expires_in":5684,"scope":"read write"}%

I know that the TokenStore is being used, because hitting check_token produces an error, where it didn't before.

$ curl https://localhost:8643/context/oauth/check_token?token=a78a6225-78d5-4cb8-9393-6c0b567a6f24 {"error":"invalid_token","error_description":"Cannot convert access token to JSON"}%

How do I make my TokenEndpoint spit back a JWT?

like image 944
Lee Avital Avatar asked Aug 17 '15 20:08

Lee Avital

Video Answer

1 Answers

Maybe you should use JwtAccessTokenConverter provided by spring and then properly configured. Here is an example:

public class YourTokenEnhancer extends JwtAccessTokenConverter {

//you can autowire sth for you logic

@Override
public OAuth2AccessToken enhance(OAuth2AccessToken accessToken,
                                 OAuth2Authentication authentication) {
    DefaultOAuth2AccessToken customAccessToken = new DefaultOAuth2AccessToken(accessToken);

    OAuth2AccessToken enhancedToken = super.enhance(customAccessToken, authentication);
    return enhancedToken;
}

And the configuration is:

 @Configuration
 @EnableAuthorizationServer
 public class OAuth2Config extends AuthorizationServerConfigurerAdapter {
 //other config...
 @Bean
 public JwtAccessTokenConverter accessTokenConverter() {
    JwtAccessTokenConverter converter = new YourTokenEnhancer();
    converter.setSigningKey("secret");
    return converter;
 }

 @Override
 public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {

    endpoints.authenticationManager(authenticationManager)
            .tokenStore(redisTokenStore())
            .tokenServices(authorizationServerTokenServices())
            .accessTokenConverter(accessTokenConverter())//configure it here
            ;
 }
}
like image 58
jacob Avatar answered Nov 15 '22 04:11

jacob
Sign in to Comment

Related questions

Spring OAuth2 not redirecting back to client on form login
Can I define ApplicationContext as a constructor-arg in Spring XML configuration?
How to configure package level @TypeDefs with Spring Hibernate
Matching anything in Spring RequestMapping
How to combine Swing and SpringFramework?
Referenced bean 'jpaMappingContext' not found
JBPM6: How to resume a process from the last successful node after the server crash?
No qualifying bean of type [org.hibernate.SessionFactory]
Spring data JPA Spel - @Query Issue
cvc-elt.1: Cannot find the declaration of element 'beans' - Spring 4.0.2 [duplicate]
Regarding date issue in local and server
Dependency injection for java 8 default interface methods
MongoDB 3.0 connection and authentication using spring data 1.4.1.RELEASE
How to get properly all queue messages from RabbitMQ in Spring?
Is it possible to run integration tests on many spring boot applications at the same time?
Cron expression must consist of 6 fields (found 1 in "#{systemEnvironment['db_cron']}")
spring-integration-kafka config consumer to receive message from specify partition
Where is Spring MVC context path set?
Construct JSON Object based on Query Result List
How to wrap Spring beans

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!