Michael
Reputation: 1251
Spring oauth2 custom token issue
I have a requirement to generate a token manually in the code with a 3rd party has been verified. I'm running into an issue when I have to authenticate the token. I have created my own token store, which was working great when not generating the manual token. I also extended the The DefaultTokenService, but just added one method.
I have thrown in a few breakpoints and found that I'm hitting the ProviderManager class when I'm creating my own tokens manually. But when I'm not creating my own tokens, I'm hitting the UnanimousBased class. Not sure if that detail helps. Going to backtrace it more, but I'm open to any ideas.
Here is how I'm creating the token:
ConcurrentHashMap<String, String> authorizationParameters = new ConcurrentHashMap<String, String>();
authorizationParameters.put("scope", "read");
authorizationParameters.put("username", "mobile_client");
authorizationParameters.put("client_id", "mobile-client");
authorizationParameters.put("grant", "password");
DefaultAuthorizationRequest authorizationRequest = new DefaultAuthorizationRequest(authorizationParameters);
Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
authorities.add(new GrantedAuthorityImpl("ROLE_UNTRUSTED_CLIENT"));
authorizationRequest.setAuthorities(authorities);
HashSet<String> resourceIds = new HashSet<String>();
resourceIds.add("mobile-client");
authorizationRequest.setResourceIds(resourceIds);
User userPrincipal = new User("mobile_client", "", true, true, true, true, authorities);
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(userPrincipal, null, authorities) ;
OAuth2Authentication authenticationRequest = new OAuth2Authentication(authorizationRequest, authenticationToken);
authenticationRequest.setAuthenticated(true);
NoSQLTokenStore tokenStore = new NoSQLTokenStore();
CustomTokenServices tokenServices = new CustomTokenServices();
tokenServices.setSupportRefreshToken(true);
tokenServices.setTokenStore(tokenStore);
OAuth2AccessToken accessToken = tokenServices.createAccessTokenForUser(authenticationRequest, user);
This is the exception being thrown:
Mobile App 17:02:21.169 [WARN] LoggerListener - Authentication event AuthenticationFailureProviderNotFoundEvent: mobile_client; details: remoteAddress=::1, , tokenValue=<TOKEN>; exception: No AuthenticationProvider found for org.springframework.security.oauth2.provider.OAuth2Authentication
Mobile App 17:02:21.169 [DEBUG] ExceptionTranslationFilter - Authentication exception occurred; redirecting to authentication entry point <org.springframework.security.authentication.ProviderNotFoundException: No AuthenticationProvider found for org.springframework.security.oauth2.provider.OAuth2Authentication>org.springframework.security.authentication.ProviderNotFoundException: No AuthenticationProvider found for org.springframework.security.oauth2.provider.OAuth2Authentication
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:196)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.authenticateIfRequired(AbstractSecurityInterceptor.java:316)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:202)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:115)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter.doFilter(OAuth2AuthenticationProcessingFilter.java:131)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:1852)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:722)
Upvotes: 2
Views: 2429
Answers (1)
Related Questions
- Spring Security and OAuth2 generate token with custom grant type
- Spring security oAuth 2.0 (Invalid token does not contain resource id (oauth2-resource))
- Spring Oauth2 Error "Token not found in request parameters" on entering username and password in custom login page
- Java spring OAuth2 client (resource server) always returns 'invalid token' error
- Oauth2 valid token JWT Spring
- Spring Oauth2 Couldn't Obtain Access Token Issue
- Spring Auth2 generate custom Token from my servie
- Customize Spring Oauth Error
- spring oauth2 custom login error
- Oauth2 Request Token using Spring Security