
  • Hard time using Oauth 2 from other clients than SoapUI

    I have implemented a simple REST API borrowing most of the Sparklr2 sample code implementation.

    If I then use SoapUI 5.0 to authenticate and use the service, everything works perfectly. However, when I try to use CURL or any other client, I have problems when I try to access /oauth/token.

    If I do something like this:

    curl -v -X POST -d "username=User1&client_secret=mysecret&password=senha&grant_type=authorization_code&client_id=realtime" http://localhost:8080/realtime/oauth/token

    Then I get:

    {"error":"unauthorized","error_description":"Full authentication is required to access this resource"}
    * Closing connection #0

    On the logs it says:

    02:29:14.124 [http-nio-8080-exec-55] DEBUG o.s.s.w.u.matcher.OrRequestMatcher - Trying to match using Ant [pattern='/oauth/token']
    02:29:14.125 [http-nio-8080-exec-55] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Checking match of request : '/oauth/token'; against '/oauth/token'
    02:29:14.125 [http-nio-8080-exec-55] DEBUG o.s.s.w.u.matcher.OrRequestMatcher - matched
    02:29:14.125 [http-nio-8080-exec-55] DEBUG o.s.security.web.FilterChainProxy - /oauth/token at position 1 of 11 in additional filter chain; firing Filter: 'WebAsyncManagerIntegrationFilter'
    02:29:14.125 [http-nio-8080-exec-55] DEBUG o.s.security.web.FilterChainProxy - /oauth/token at position 2 of 11 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
    02:29:14.125 [http-nio-8080-exec-55] DEBUG o.s.security.web.FilterChainProxy - /oauth/token at position 3 of 11 in additional filter chain; firing Filter: 'HeaderWriterFilter'
    02:29:14.126 [http-nio-8080-exec-55] DEBUG o.s.s.w.h.writers.HstsHeaderWriter - Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.Hs [email protected]
    02:29:14.126 [http-nio-8080-exec-55] DEBUG o.s.security.web.FilterChainProxy - /oauth/token at position 4 of 11 in additional filter chain; firing Filter: 'LogoutFilter'
    02:29:14.126 [http-nio-8080-exec-55] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Checking match of request : '/oauth/token'; against '/logout'
    02:29:14.126 [http-nio-8080-exec-55] DEBUG o.s.security.web.FilterChainProxy - /oauth/token at position 5 of 11 in additional filter chain; firing Filter: 'BasicAuthenticationFilter'
    02:29:14.128 [http-nio-8080-exec-55] DEBUG o.s.security.web.FilterChainProxy - /oauth/token at position 6 of 11 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
    02:29:14.128 [http-nio-8080-exec-55] DEBUG o.s.security.web.FilterChainProxy - /oauth/token at position 7 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
    02:29:14.128 [http-nio-8080-exec-55] DEBUG o.s.security.web.FilterChainProxy - /oauth/token at position 8 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
    02:29:14.129 [http-nio-8080-exec-55] DEBUG o.s.s.w.a.AnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.Anony [email protected]: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.We [email protected]: RemoteIpAddress: 127.0.0.1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
    02:29:14.129 [http-nio-8080-exec-55] DEBUG o.s.security.web.FilterChainProxy - /oauth/token at position 9 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter'
    02:29:14.129 [http-nio-8080-exec-55] DEBUG o.s.security.web.FilterChainProxy - /oauth/token at position 10 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
    02:29:14.130 [http-nio-8080-exec-55] DEBUG o.s.security.web.FilterChainProxy - /oauth/token at position 11 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
    02:29:14.130 [http-nio-8080-exec-55] DEBUG o.s.s.w.u.m.AntPathRequestMatcher - Checking match of request : '/oauth/token'; against '/oauth/token'
    02:29:14.130 [http-nio-8080-exec-55] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /oauth/token; Attributes: [fullyAuthenticated]
    02:29:14.130 [http-nio-8080-exec-55] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Previously Authenticated: org.springframework.security.authentication.Anonym [email protected]: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.We [email protected]: RemoteIpAddress: 127.0.0.1; SessionId: null; Granted Authorities: ROLE_ANONYMOUS
    02:29:14.156 [http-nio-8080-exec-55] DEBUG o.s.s.access.vote.AffirmativeBased - Voter: org.springframework.security.web.access.expression .[email protected], returned: -1
    02:29:14.157 [http-nio-8080-exec-55] DEBUG o.s.s.w.a.ExceptionTranslationFilter - Access is denied (user is anonymous); redirecting to authentication entry point
    org.springframework.security.access.AccessDeniedException: Access is denied


    However, if I try to use the service via SoapUI, all is perfect.

    The issue is that I cannot code any other client.

    My SoapUI configuration is as follows:

    OAuth 2 flow: Authorization Code Grant
    client identification: realtime
    Authorization URI: http://localhost:8080/realtime/oauth/authorize
    Access Token URI: http://localhost:8080/realtime/oauth/token
    Redirect URI: None
    Scope: urn:ietf:wg:oauth:2.0:oob

    Then I have the following automation script inside SoapUI:

    // Click the submit button of the form on the current page.
    function consent() {
        document.getElementById('submit_login_form').click();
    }

    if (document.getElementById('username')) {
        // Login page: fill in the credentials and submit the form.
        document.getElementById('username').value = 'User1';
        document.getElementById('password').value = 'senha';
        document.getElementById('_csrf').value = document.getElementById('_csrf').value;
        document.getElementById('submit_login_form').submit();
    }
    else if (document.getElementById('submit_login_form')) {
        // No username field: click the form's button every 100 ms.
        window.setInterval(consent, 100);
    }


    From SoapUI, everything works.

    I had implemented my system based on the Sparklr2 source code.

    How can I use any other OAuth2 client with it? A JavaScript client, Java client, CURL, etc.?

    It seems only to work with SoapUI 5.0.

    Thanks,
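
The token request from the post checked against RFC 6749 and the logged filter chain, as an added example that is not part of the original post. `lint_token_request` and `basic_header` are hypothetical helper names, `AUTH_CODE` is a placeholder for the code issued by /oauth/authorize, and the client is assumed to be a confidential client that authenticates with HTTP Basic.

```python
import base64
from urllib.parse import parse_qs

# Body parameters each grant type requires (RFC 6749 sections 4.1.3 and 4.3.2).
REQUIRED = {"authorization_code": {"code"}, "password": {"username", "password"}}

def basic_header(client_id, client_secret):
    """HTTP Basic value a confidential client sends to the token endpoint."""
    raw = f"{client_id}:{client_secret}".encode()
    return "Basic " + base64.b64encode(raw).decode()

def lint_token_request(body, headers):
    """Return findings for a form-encoded token request and its headers."""
    params = {k: v[0] for k, v in parse_qs(body).items()}
    grant = params.get("grant_type")
    if grant not in REQUIRED:
        return [f"missing or unhandled grant_type: {grant!r}"]
    findings = [f"{grant} grant is missing required parameter '{name}'"
                for name in sorted(REQUIRED[grant] - set(params))]
    if grant == "authorization_code":
        # In this flow the user's credentials go to the authorization server's
        # login page, not to the token endpoint.
        findings += [f"'{name}' belongs to the password grant, not this one"
                     for name in sorted({"username", "password"} & set(params))]
    if not headers.get("Authorization", "").startswith("Basic "):
        findings.append("no HTTP Basic client credentials: the request is "
                        "anonymous when it reaches the access check")
        if "client_secret" in params:
            findings.append("client_secret is in the body, but the logged chain "
                            "authenticates clients only via BasicAuthenticationFilter")
    return findings

# Request from the post: the curl -d body, sent without an Authorization header.
POSTED_BODY = ("username=User1&client_secret=mysecret&password=senha"
               "&grant_type=authorization_code&client_id=realtime")

# Constructed counterpart. AUTH_CODE is a placeholder for the one-time code that
# /oauth/authorize issues after login and consent (the step SoapUI automates).
FIXED_BODY = "grant_type=authorization_code&code=AUTH_CODE"
FIXED_HEADERS = {"Authorization": basic_header("realtime", "mysecret")}

if __name__ == "__main__":
    for finding in lint_token_request(POSTED_BODY, {}):
        print("-", finding)
    print("fixed request findings:", lint_token_request(FIXED_BODY, FIXED_HEADERS))
```
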