I am working on a little proof of the concept of a set of endpoints that should be able to call each other by passing tokens that are obtained through the OAuth 2 client credential stream. I use Spring Boot and its related projects to create these endpoints, and I'm confused by that why the structure looks very stubborn with respect to the following code:
package com.example.client; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.autoconfigure.EnableAutoConfiguration; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.oauth2.client.OAuth2ClientContext; import org.springframework.security.oauth2.client.OAuth2RestOperations; import org.springframework.security.oauth2.client.OAuth2RestTemplate; import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails; import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RestController; @Configuration @EnableAutoConfiguration @EnableOAuth2Client @RestController public class StuffClient { @Value("${security.oauth2.client.access-token-uri}") private String tokenUrl; @Value("${security.oauth2.client.id}") private String clientId; @Value("${security.oauth2.client.client-secret}") private String clientSecret; @Value("${security.oauth2.client.grant-type}") private String grantType; @Autowired private OAuth2RestOperations restTemplate; private String uri = "http://localhost:8082/stuff/"; @RequestMapping(value = "/client/{stuffName}", method = RequestMethod.GET) public String client(@PathVariable("stuffName") String stuffName) { String request = uri + stuffName; return restTemplate.getForObject(request, String.class); } @Bean public OAuth2RestOperations restTemplate(OAuth2ClientContext clientContext) { return new OAuth2RestTemplate(resource(), clientContext); } @Bean protected OAuth2ProtectedResourceDetails resource() { ClientCredentialsResourceDetails resource = new ClientCredentialsResourceDetails(); resource.setAccessTokenUri(tokenUrl); resource.setClientId(clientId); resource.setClientSecret(clientSecret); resource.setGrantType(grantType); return resource; } }
And the accompanying configuration file:
server: port: 8081 security: basic: enabled: false oauth2: client: id: test-client client-secret: test-secret access-token-uri: http://localhost:8080/uaa/oauth/token grant-type: client_credentials
The above works exactly as expected. If I change security.oauth2.client.id to security.oauth2.client.client-id (both in Java code and in YAML), I get an error 500, the first line of which is:
org.springframework.security.oauth2.client.resource.OAuth2AccessDeniedException: Unable to obtain a new access token for resource 'null'. The provider manager is not configured to support it.
This code also works great if I find hard code values ββfor all instance variables. In fact, it seems that in every permutation populating these instance variables, except the one where I use @Value to populate clientId value security.oauth2.client.client-id
So my main question is: is this structure really stubborn? And if so, why? And, can I use this stubbornness to simplify my code?
source share