Struggle to run samples servlet/spring-boot/java/oauth2/ #106
Description
Hi,
let me share some issues I faced when I tried to run the login and authorization server sample. It would be great if you can fix the examples. The last point mentioned below is actually not solved.
gradle wrapper version
Problem
$ ./gradlew bootRun
FAILURE: Build failed with an exception.
* Where:
Build file 'xxxxxxxxxxxxxxxxxx/spring-security-samples/servlet/spring-boot/java/oauth2/login/build.gradle' line: 2
* What went wrong:
An exception occurred applying plugin request [id: 'org.springframework.boot', version: '3.0.0-SNAPSHOT']
> Failed to apply plugin 'org.springframework.boot'.
> Spring Boot plugin requires Gradle 7.x (7.4 or later). The current version is Gradle 7.3
* Try:
> Run with --stacktrace option to get the stack trace.
> Run with --info or --debug option to get more log output.
> Run with --scan to get full insights.
* Get more help at https://help.gradle.org
Solution
vi gradle/wrapper/gradle-wrapper.properties
distributionUrl=https\://services.gradle.org/distributions/gradle-7.4-bin.zip
gradle fails to download snapshot releases
Problem
* Where:
Build file '/xxxxxxxxxxxxx/spring-security-samples/servlet/spring-boot/java/oauth2/authorization-server/build.gradle' line: 2
* What went wrong:
Plugin [id: 'org.springframework.boot', version: '3.0.0-SNAPSHOT'] was not found in any of the following sources:
- Gradle Core Plugins (plugin is not in 'org.gradle' namespace)
- Plugin Repositories (could not resolve plugin artifact 'org.springframework.boot:org.springframework.boot.gradle.plugin:3.0.0-SNAPSHOT')
Searched in the following repositories:
Gradle Central Plugin Repository
* Try:
> Run with --stacktrace option to get the stack trace.
> Run with --info or --debug option to get more log output.
> Run with --scan to get full insights.
* Get more help at https://help.gradle.org
Solution
Put the following lines to settings.gradle https://docs.spring.io/spring-boot/docs/3.0.0-SNAPSHOT/gradle-plugin/reference/htmlsingle/#getting-started
pluginManagement {
repositories {
maven { url 'https://repo.spring.io/milestone' }
maven { url 'https://repo.spring.io/snapshot' }
gradlePluginPortal()
}
}
problem with scope openid
Problem (comes up when booting up the application and trying to login)
[invalid_scope] OpenID Connect 1.0 authentication requests are restricted.
Solution change application.yml
scope: openid,profile
# scope: profile
problem with user-info-uri
1st Problem:
[missing_user_info_uri] Missing required UserInfo Uri in UserInfoEndpoint for Client Registration: login-client
Solution
spring:
authorization-uri: http://localhost:9000/oauth2/authorize
token-uri: http://localhost:9000/oauth2/token
jwk-set-uri: http://localhost:9000/oauth2/jwks
user-info-uri: http://localhost:9000/userinfo # add this line
2nd problem:
[missing_user_name_attribute] Missing required "user name" attribute name in UserInfoEndpoint for Client Registration: login-client
Solution: Actually I did not find a solution to this one. I tried to add a provider for the user-info endpoint in OAuth2AuthorizationServerSecurityConfiguration but it did not work
@Bean
@Order(1)
public SecurityFilterChain
authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {
OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = new
OAuth2AuthorizationServerConfigurer();
authorizationServerConfigurer
.oidc(oidc -> oidc.userInfoEndpoint(
userInfoEndpoint -> userInfoEndpoint.userInfoMapper(
oidcUserInfoAuthenticationContext -> {
return new OidcUserInfo(Map.of(
StandardClaimNames.NAME
, "user",
"user_name", "user"));
})
)
);
RequestMatcher endpointsMatcher =
authorizationServerConfigurer.getEndpointsMatcher();
http.securityMatcher(endpointsMatcher).authorizeHttpRequests((authorize) -> {
((AuthorizeHttpRequestsConfigurer.AuthorizedUrl) authorize.anyRequest()).authenticated();
}).csrf((csrf) -> {
csrf.ignoringRequestMatchers(new RequestMatcher[]{endpointsMatcher});
}
).apply(authorizationServerConfigurer);
return http.formLogin(Customizer.withDefaults()).build();
}