Spring Cloud Openfeign Migrate from Spring Security OAuth to OAuth2 support in Spring Security

Comment From: xenoterracide

is this what's causing this?

   FeignAutoConfiguration.Oauth2FeignConfiguration:
      Did not match:
         - @ConditionalOnClass did not find required class 'org.springframework.security.oauth2.client.OAuth2ClientContext' (OnClassCondition)
 ```

❯ fd gradle.lockfile -x grep oauth {} | awk -F'=' '{ print $1 }' | sort -u com.nimbusds:oauth2-oidc-sdk:9.35 org.springframework.boot:spring-boot-starter-oauth2-client:2.7.3 org.springframework.security:spring-security-oauth2-client:5.7.3 org.springframework.security:spring-security-oauth2-core:5.7.3 org.springframework.security:spring-security-oauth2-jose:5.7.3 ❯ fd gradle.lockfile -x grep feign {} | awk -F'=' '{ print $1 }' | sort -u io.github.openfeign.form:feign-form-spring:3.8.0 io.github.openfeign.form:feign-form:3.8.0 io.github.openfeign:feign-core:11.8 io.github.openfeign:feign-slf4j:11.8 org.springframework.cloud:spring-cloud-openfeign-core:3.1.4 org.springframework.cloud:spring-cloud-starter-openfeign:3.1.4 ```

Comment From: xenoterracide

if not, should I report another bug here? or where? I can't seem to get oauth2 configured per docs

Comment From: OlgaMaciaszek

@xenoterracide The migration has been done - will be available with the latest release. However, that is now what is causing your issue. The happens, because the user is responsible for adding the security dependency and instantiating required beans as described in the docs. I suggest that you wait for 3.1.5 and then add spring-security-oauth2-client and follow the docs for Spring Cloud OpenFeign and Spring Security OAuth2 Client to set it up.

Comment From: xenoterracide

I think I did try what's in the docs, any chance there was a problem due to using client credentials and not being in a servlet environment?

Comment From: OlgaMaciaszek

@xenoterracide Have you tried against 3.1.5 and set up according to the new recommended version (you will find two approaches in the current docs: one is deprecated - it's indicated in the doc; there's a new one added now as well, so you should use the new approach).