CODEWITHSUNDEEP
javaspringspring-bootkotlinoauth-2.0
sentient_6
sentient_6

Reputation: 143

Spring Boot: Calling an OAuth2 protected REST service

I have an existing REST API built using Spring Boot. On one of my functions on the service layer, I need to call an external REST service that is protected by OAuth2 (client-credentials).

Using Spring Boot 2.3, I realized OAuth2RestTemplate is deprecated, so I went with using WebClient.

Following this tutorial - https://www.baeldung.com/spring-webclient-oauth2, I now have my WebClientConfig class as follows:

@Configuration
class WebClientConfig {    
    @Bean
    fun webClient(
            clientRegistrations: ClientRegistrationRepository?,
            authorizedClients: OAuth2AuthorizedClientRepository?): WebClient? {
        val oauth2 = ServletOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrations, authorizedClients)
        oauth2.setDefaultOAuth2AuthorizedClient(false)
        oauth2.setDefaultClientRegistrationId("test")
        return WebClient.builder()
                .apply(oauth2.oauth2Configuration())
                .build()
    }
}

And in my properties file, I have:

spring:
  security:
    oauth2:
      client:
        registration:
          test:
            client-id: <redacted>
            client-secret: <redacted>
            authorization-grant-type: client_credentials
        provider:
          test:
            token-uri: <redacted>

I can't even tell if this is working or not, because I keep getting the following error when accessing a different endpoint on my API that has nothing to do with this OAuth2 authentication:

java.lang.IllegalArgumentException: Invalid Authorization Grant Type (client_credentials) for Client Registration with Id: test

I'm at my wits end because I can't overcome this issue... any help would be very appreciated! Thanks!

Upvotes: 8

Views: 9712

Answers (1)

bilak
bilak

Reputation: 4922

This is working for me:

  @Bean
  public WebClient webClient(OAuth2AuthorizedClientManager authorizedClientManager) {
    ServletOAuth2AuthorizedClientExchangeFilterFunction oauth2Client = new ServletOAuth2AuthorizedClientExchangeFilterFunction(
        authorizedClientManager);
    oauth2Client.setDefaultClientRegistrationId("test");

    return WebClient.builder()
        .apply(oauth2Client.oauth2Configuration())
        .build();
  }

  @Bean
  public OAuth2AuthorizedClientManager authorizedClientManager(
      ClientRegistrationRepository clientRegistrationRepository,
      OAuth2AuthorizedClientRepository authorizedClientRepository) {

    OAuth2AuthorizedClientProvider authorizedClientProvider = OAuth2AuthorizedClientProviderBuilder.builder()
        .refreshToken()
        .clientCredentials()
        .build();

    DefaultOAuth2AuthorizedClientManager authorizedClientManager = new DefaultOAuth2AuthorizedClientManager(
        clientRegistrationRepository, authorizedClientRepository);
    authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider);

    return authorizedClientManager;
  }

Upvotes: 3

Related Questions