I am trying to use this to get a token.
@Bean
fun webClient(
clientRegistrations: ReactiveClientRegistrationRepository,
authorizedClientService: ReactiveOAuth2AuthorizedClientService
): WebClient {
val oauth = ServerOAuth2AuthorizedClientExchangeFilterFunction(
AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager(clientRegistrations, authorizedClientService)
)
oauth.setDefaultClientRegistrationId("my_client")
oauth.setDefaultOAuth2AuthorizedClient(true)
return WebClient.builder()
.exchangeStrategies(ExchangeStrategies.builder().codecs { c -> c.defaultCodecs().enableLoggingRequestDetails(true) }.build())
.filter(oauth)
.filter(this.logRequest()).build()
}
application.yml:
security:
oauth2:
client:
registration:
rcs:
provider: my-provider
client-id: my-client-id
client-secret: secret-password
authorization-grant-type: client_credentials
scope: read
client-authentication-scheme: form
client-authentication-method: post
provider:
my-provider:
token-uri: https://my.adress/oauth2/token
Calling something with this webclient triggers a post request to the token-uri. The answer is 405 Method not allowed. Masked headers are: application/x-www-form-urlencoded application/json
Tracing the call got me this in the log: o.s.w.r.f.client.ExchangeFunctions : [5fb05c07] HTTP POST https://my.adress/oauth2/token, headers={masked} r.netty.http.client.HttpClientConnect : [id:5a927c49-1, L:/10.222.44.555:51839 - R:my.adress/11.12.13.14:443] Handler is being applied: {uri=https://my.adress/oauth2/token, method=POST} org.springframework.web.HttpLogging : [5fb05c07] Writing form fields [grant_type, client_id, client_secret, scope] (content masked) r.n.http.client.HttpClientOperations : [id:5a927c49-1, L:/10.222.44.555:51839 - R:my.adress/11.12.13.14:443] Received response (auto-read:false) : [Date=Thu, 24 Jun 2021 10:32:24 GMT, X-Content-Type-Options=nosniff, X-XSS-Protection=1; mode=block, Content-Security-Policy=frame-ancestors 'none', X-Frame-Options=DENY, Content-Type=application/json, content-length=2] o.s.w.r.f.client.ExchangeFunctions : [5fb05c07] [5a927c49-1] Response 405 METHOD_NOT_ALLOWED, headers={masked} r.n.http.client.HttpClientOperations : [id:5a927c49-1, L:/10.222.44.555:51839 - R:my.adress/11.12.13.14:443] Received last HTTP packet org.springframework.web.HttpLogging : [5fb05c07] [5a927c49-1] Decoded [{}]
Doing the call to same address with a webClient get me this:
o.s.w.r.f.client.ExchangeFunctions : [50ac63b2] HTTP POST https://my.adress/oauth/token, headers=[my-header:"random crap info", Content-Type:"application/x-www-form-urlencoded", Accept:"application/json"] r.netty.http.client.HttpClientConnect : [id:5b99c9b5-1, L:/10.222.44.555:61352 - R:my.adress/11.12.13.14:443] Handler is being applied: {uri=https://my.adress/oauth/token, method=POST} org.springframework.web.HttpLogging : [50ac63b2] Writing {client_id=[my-client-id], client_secret=[secret-password], scope=[read], grant_type=[client_credentials]} r.n.http.client.HttpClientOperations : [id:5b99c9b5-1, L:/10.222.44.555:61352 - R:my.adress/11.12.13.14:443] Received response (auto-read:false) : [Date=Thu, 24 Jun 2021 11:48:37 GMT, X-Content-Type-Options=nosniff, X-XSS-Protection=1; mode=block, Content-Security-Policy=frame-ancestors 'none', X-Frame-Options=DENY, Cache-Control=no-cache, no-store, Pragma=no-cache, Expires=Thu, 01 Jan 1970 00:00:00 GMT, Content-Type=application/json, content-length=114] o.s.w.r.f.client.ExchangeFunctions : [50ac63b2] [5b99c9b5-1] Response 200 OK, headers=[Date:"Thu, 24 Jun 2021 11:48:37 GMT", X-Content-Type-Options:"nosniff", X-XSS-Protection:"1; mode=block", Content-Security-Policy:"frame-ancestors 'none'", X-Frame-Options:"DENY", Cache-Control:"no-cache, no-store", Pragma:"no-cache", Expires:"Thu, 01 Jan 1970 00:00:00 GMT", Content-Type:"application/json", content-length:"114"] r.n.http.client.HttpClientOperations : [id:5b99c9b5-1, L:/10.222.44.555:61352 - R:my.adress/11.12.13.14:443] Received last HTTP packet org.springframework.web.HttpLogging : [50ac63b2] [5b99c9b5-1] Decoded "{"access_token":"392349ab-96fc-4cb4-99b9-7a62f2138e35","scope":"read","token_type":"bearer","expires_in":1800}"
I have debugged the httpClient and I can't see any differences in the two calls, but still the result is quite different.
Springboot version: 2.5.1
Comment From: jgrandja
Thanks for getting in touch, but it feels like this is a question that would be better suited to Stack Overflow. We prefer to use GitHub issues only for bugs and enhancements. Feel free to update this issue with a link to the re-posted question (so that other people can find it) or add a minimal sample that reproduces this issue if you feel this is a genuine bug.