These are chat archives for spring-cloud/spring-cloud

24th
Jun 2015
Bryce Budd
@brycebudd
Jun 24 2015 04:12
Sorry if this is a repeat question. Is there a way to specify a redirect uri on oauth2.client via yaml with spring cloud security?
Dave Syer
@dsyer
Jun 24 2015 05:53
Yes
Your IDE will help you probably
But look at the beans it is binding to (BaseClientDetails on the server side)
Leon Radley
@leon
Jun 24 2015 12:04

Hi!

I’m having troubles with my custom OAuth2RestTemplate. Since this Is a new Client Credentials Rest Template, it’s now trying to look up the host via eureka.

@Bean
    public OAuth2RestTemplate clientCredentialsRestTemplate(ClientCredentialsResourceDetails details) {
        // We need to create a new ClientContext that isn't session scoped because we use it in the batch job
        return new OAuth2RestTemplate(details, new DefaultOAuth2ClientContext());
    }
How do I create a client credentials rest template and keep all the goodies from eureka?
Dave Syer
@dsyer
Jun 24 2015 12:57
You want a load balanced rest template with client credentials grant?
Maybe we could add one
Leon Radley
@leon
Jun 24 2015 13:00
yes that would be great
Dave Syer
@dsyer
Jun 24 2015 13:00
You can create on the same way we do for the auth code grant
Look at OAuth2LoadBalancerClientAutoConfiguration
There's going to be a Spring Cloud release soon. This week probably.
Leon Radley
@leon
Jun 24 2015 13:01
I’ll try doing a pull request for it
Dave Syer
@dsyer
Jun 24 2015 13:01
That would be great if you're feeling motivated
Leon Radley
@leon
Jun 24 2015 13:02
It shouldn’t take that long

what should we call the bean?

clientCredentialsOAuth2RestTemplate ?

Dave Syer
@dsyer
Jun 24 2015 13:07
loadBalancedClientCredentialsOAuth2RestTemplate ?
Leon Radley
@leon
Jun 24 2015 13:07
ok
Dave Syer
@dsyer
Jun 24 2015 13:08
there's already a clientCredentialsOAuth2RestTemplate isn't there?
Leon Radley
@leon
Jun 24 2015 13:08
not shure
Leon Radley
@leon
Jun 24 2015 13:29
There is a oauth2RemoteResource but it has a conditional ConditionalOnNotWebApplication
Leon Radley
@leon
Jun 24 2015 13:51
I’m having troubles with all the dependencies of spring-cloud-security and getting it compiled,
I’ve downloaded almost all the spring-cloud repos and build them starting with common, then config, then netflix...
and build

but when I try to compile security it says

```

The project org.springframework.cloud:spring-cloud-security:1.0.2.BUILD-SNAPSHOT (/Users/leon/Projects/OpenSource/spring-cloud-security/pom.xml) has 6 errors
[ERROR]     Non-resolvable import POM: Could not find artifact org.springframework.cloud:spring-cloud-netflix:pom:1.0.2.BUILD-SNAPSHOT @ org.springframework.cloud:spring-cloud-security:[unknown-version], /Users/leon/Projects/OpenSource/spring-cloud-security/pom.xml, line 33, column 16 -> [Help 2]
[ERROR]     'dependencies.dependency.version' for org.springframework.cloud:spring-cloud-config-client:jar is missing. @ org.springframework.cloud:spring-cloud-security:[unknown-version], /Users/leon/Projects/OpenSource/spring-cloud-security/pom.xml, line 62, column 15
[ERROR]     'dependencies.dependency.version' for org.springframework.cloud:spring-cloud-commons:jar is missing. @ org.springframework.cloud:spring-cloud-security:[unknown-version], /Users/leon/Projects/OpenSource/spring-cloud-security/pom.xml, line 67, column 15
[ERROR]     'dependencies.dependency.version' for org.springframework.cloud:spring-cloud-config-server:jar is missing. @ org.springframework.cloud:spring-cloud-security:[unknown-version], /Users/leon/Projects/OpenSource/spring-cloud-security/pom.xml, line 72, column 15
[ERROR]     'dependencies.dependency.version' for org.springframework.cloud:spring-cloud-netflix-core:jar is missing. @ org.springframework.cloud:spring-cloud-security:[unknown-version], /Users/leon/Projects/OpenSource/spring-cloud-security/pom.xml, line 77, column 15
[ERROR]     'dependencies.dependency.version' for com.netflix.zuul:zuul-core:jar is missing. @ org.springframework.cloud:spring-cloud-security:[unknown-version], /Users/leon/Projects/OpenSource/spring-cloud-security/pom.xml, line 102, column 15
[ERROR]
@dsyer any suggestions?
I’ve got all the repos in the same directory, and they have their default github names
Dave Syer
@dsyer
Jun 24 2015 13:58
The starters are foobar
I was fixing it this morning but I got distracted
Leon Radley
@leon
Jun 24 2015 13:58
:)
Dave Syer
@dsyer
Jun 24 2015 13:59
I'll get back to it
But not till later on probably
Leon Radley
@leon
Jun 24 2015 14:01

I’ve done a implementation which should work. But I havn’t been able to compile it.
I’ll do a pull request and you can have a look.

The only thing I’m unsure of is, since we now have Two @Bean @LoadBalanced, should one of them be @Primary?

Leon Radley
@leon
Jun 24 2015 14:18
@dsyer spring-cloud/spring-cloud-security#72
give me a buzz when you have fixed the build, and I could add a couple of tests and documentation to go with it
Bryce Budd
@brycebudd
Jun 24 2015 14:59
This message was deleted
Bryce Budd
@brycebudd
Jun 24 2015 15:14

I have added the registeredRedirectUris property from BaseClientDetails, but I am still getting a different URL instead of the one I set in my application.yml file. My spring-boot app is behind an apache proxy server and called over ssl. When I call my application I get the public facing URL in the redirect_url. I expected to get the registeredRedirectUris endpoint. I'm debugging a production system so I appreciate any insights you may have regarding why I do not see the registeredRedirectUri during the authorize call.

spring:
  oauth2:
    client:
      accessTokenUri: https://idp.server.com:9443/oauth2/token
      userAuthorizationUri: https://idp.server.com:9443/oauth2/authorize
      clientId: [client_id]
      clientSecret: [client_secret]
      scope: openid
      clientAuthenticationScheme: header
      registeredRedirectUris: https://tomcat.server.com:8080/login
    resource:
      userInfoUri: https://idp.server.com:9443/oauth2/userinfo?schema=openid
      preferTokenInfo: false

I get the following instead:
Redirecting to 'https://idp.server.com:9443/oauth2/authorize?client_id=[client_id]&redirect_uri=https://www.public-url.com/login&response_type=code&scope=openid&state=uRe3CY' which causes an invalid callback exception on my authorization server.

Thanks again for any assistance.

Dave Syer
@dsyer
Jun 24 2015 15:48
On the server I think the property is registeredRedirectUri (singular). But your use case inbolved the client as well
There you need preEstablishedRedirectUri (from memory)
And useCurrentUri=false
Bryce Budd
@brycebudd
Jun 24 2015 16:12
@dsyer The preEstablishedRedirectUri and useCurrentUri did the trick. Thank you so much for your help!!!
Dave Syer
@dsyer
Jun 24 2015 16:25
The default useCurentUri=true ought to work as well. I think it's a feature request in Spring OAuth.
Would you like to open a ticket there?
Dave Syer
@dsyer
Jun 24 2015 16:48
@leon the build looks OK now
I haven't had time to look at the PR yet