Spring security oauth2 wrongly using internal URL as current URI for redirection

In the Spring definition of a remote resource that is protected via OAuth2, to which the client application wants access, I set use-current-uri to true; in other words, the current URI should be used as a redirect (if available). It looks like:

<oauth:resource id="myResourceId" type="authorization_code"
    client-id="${clientId}" client-secret="${clientSecret}"
    access-token-uri="${accessTokenUri}"
    user-authorization-uri="${userAuthorizationUri}"
    use-current-uri="true"
    scope="myScope" 
    pre-established-redirect-uri="${preEstablishedRedirectUri}"/>

Now the problem is, the Spring Security OAuth2 client will pick up the current internal Tomcat URL instead of the public web application's URL. The scenario is a Tomcat server sitting behind an Apache server, which results in two sets of URLs:

  • The public web application's URL is http://example.com/users/login
  • The internal Tomcat URL is http://localhost:8080/myapplication/users/login

Because the redirection URL is for the authorization server (e.g., Twitter, ORCID) to use to send back the authorization code, the public web application's URL should be used, not the internal one.

By the way, I'm using the following version of spring-security-oauth2:

  • spring-security-oauth2-1.0.5.RELEASE
  • spring-core-3.1.2.RELEASE
  • spring-security-core-3.1.3.RELEASE

Wonder if there is a way to tell Spring to use the public URL. Thanks.

Yuci asked Mar 05 '15 17:03




1 Answer

Inside your tomcat conf/server.xml's connector element, try setting your public URLs that front tomcat like this:

    <!-- proxyPort="443" or whatever port you are using; same goes for scheme -->
    <Connector port="8080" protocol="HTTP/1.1"
           connectionTimeout="20000"
           redirectPort="8443"
           proxyName="example.com"
           proxyPort="443"
           scheme="https" />

This way tomcat's internal getServerName and getServerPort methods will start giving the correct values, which hopefully should create the correct URL.

You might also want to configure your webserver to route requests falling at http://example.com/users/login to http://localhost:8080/myapplication/users/login if not already done.

Himanshu Purohit answered Sep 28 '22 13:09

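The following is an added example, not code from the question, the answer, Spring Security OAuth2 or Tomcat. It models how a servlet container builds the request URL that use-current-uri="true" turns into redirect_uri (scheme + getServerName + getServerPort + request URI), how the Connector attributes from the answer (proxyName, proxyPort, scheme) change that result, and the exact-match comparison an authorization server applies against the registered redirect URI. The hostnames, ports and paths are the ones from the question; the ConnectorConfig and Request types and the function names are constructed for this illustration. It also shows one caveat the answer leaves implicit: proxyName and proxyPort do not touch the path, so if the webapp is deployed under /myapplication the derived URL still carries that context path unless the application is deployed at ROOT or the proxy rewrites it.

```python
"""Model of request-URL derivation behind a reverse proxy (added example)."""
from dataclasses import dataclass
from typing import Optional

DEFAULT_PORTS = {"http": 80, "https": 443}


@dataclass
class ConnectorConfig:
    # Subset of Tomcat <Connector> attributes relevant to URL derivation.
    # (Constructed type for this example, not Tomcat's own model.)
    port: int = 8080
    scheme: str = "http"
    proxy_name: Optional[str] = None
    proxy_port: Optional[int] = None


@dataclass
class Request:
    # What the backend receives from the proxy: the Host header names the
    # internal Tomcat endpoint and the request URI includes the context path.
    host_header: str
    request_uri: str


def effective_server_name(req: Request, conn: ConnectorConfig) -> str:
    # getServerName(): proxyName wins, otherwise the host part of the Host header.
    if conn.proxy_name:
        return conn.proxy_name
    return req.host_header.split(":")[0]


def effective_server_port(req: Request, conn: ConnectorConfig) -> int:
    # getServerPort(): proxyPort wins, then the Host header port, then the connector port.
    if conn.proxy_port is not None:
        return conn.proxy_port
    if ":" in req.host_header:
        return int(req.host_header.split(":")[1])
    return conn.port


def request_url(req: Request, conn: ConnectorConfig) -> str:
    # Equivalent of HttpServletRequest.getRequestURL(): scheme://host[:port]/uri,
    # omitting the port when it is the scheme's default.
    scheme = conn.scheme
    host = effective_server_name(req, conn)
    port = effective_server_port(req, conn)
    authority = host if DEFAULT_PORTS.get(scheme) == port else f"{host}:{port}"
    return f"{scheme}://{authority}{req.request_uri}"


def redirect_uri_matches(registered: str, presented: str) -> bool:
    # Authorization servers compare redirect_uri with the registered value
    # exactly; any difference in scheme, host, port or path is a mismatch.
    return registered == presented


# Constructed sample values, taken from the question's two URLs.
REGISTERED_REDIRECT = "https://example.com/users/login"
PROXIED_REQUEST = Request(host_header="localhost:8080",
                          request_uri="/myapplication/users/login")


def before_fix() -> str:
    # Default connector: the internal Tomcat URL leaks into redirect_uri.
    return request_url(PROXIED_REQUEST, ConnectorConfig())


def after_fix() -> str:
    # Connector with proxyName/proxyPort/scheme as in the answer: host, port and
    # scheme are now public, but the context path is still present.
    conn = ConnectorConfig(scheme="https", proxy_name="example.com", proxy_port=443)
    return request_url(PROXIED_REQUEST, conn)


def after_fix_root_deploy() -> str:
    # Same connector, webapp deployed at ROOT so no context path is added.
    conn = ConnectorConfig(scheme="https", proxy_name="example.com", proxy_port=443)
    root_request = Request(host_header="localhost:8080", request_uri="/users/login")
    return request_url(root_request, conn)


if __name__ == "__main__":
    for label, fn in (("before", before_fix), ("after", after_fix),
                      ("after+ROOT", after_fix_root_deploy)):
        url = fn()
        print(f"{label:11} {url}  match={redirect_uri_matches(REGISTERED_REDIRECT, url)}")
```

Running it prints the three derived URLs with their match result: the default connector yields the internal localhost URL, the proxy-aware connector yields the public host but still with /myapplication in the path, and only the ROOT-deployed variant equals the registered redirect URI. That last comparison is why pre-established-redirect-uri is the safer choice when the deployment topology is known: the value sent to the authorization server then does not depend on what the container believes its own address to be.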