Title: Spring-boot oauth2 authentication Last modified: August 31, 2016 --- # Spring-boot oauth2 authentication * Resolved [theswolf](https://wordpress.org/support/users/theswolf/) * (@theswolf) * [10 years, 3 months ago](https://wordpress.org/support/topic/spring-boot-oauth2-authentication/) * Hello, I,m facing some problem integrating oauth authentication with spring security in spring boot, someone of you had already the same problem? * [https://wordpress.org/plugins/oauth2-provider/](https://wordpress.org/plugins/oauth2-provider/) Viewing 4 replies - 1 through 4 (of 4 total) * Plugin Author [Justin Greer](https://wordpress.org/support/users/justingreerbbi/) * (@justingreerbbi) * [10 years, 3 months ago](https://wordpress.org/support/topic/spring-boot-oauth2-authentication/#post-7130743) * I am not sure. Please explain the problem you are having. * Thread Starter [theswolf](https://wordpress.org/support/users/theswolf/) * (@theswolf) * [10 years, 3 months ago](https://wordpress.org/support/topic/spring-boot-oauth2-authentication/#post-7130907) * Yes, i have configured wp pauth server with enabled: Authorization code and refresh code. After that I’ve configured my spring ouath 2 as follow: * ``` wp: client: clientId: xxx clientSecret: xxx accessTokenUri: http://localhost:8080/wordpress?oauth=access_token userAuthorizationUri: http://localhost:8080/wordpress?oauth=authorize resource: userInfoUri: http://localhost:8080/wordpress/oauth/me ``` * and this is my java config: * ``` @EnableOAuth2Client @Configuration public class SpringSecurityConfig extends WebSecurityConfigurerAdapter { @Autowired OAuth2ClientContext oauth2ClientContext; @RequestMapping("/user") public Principal user(Principal principal) { return principal; } @Override protected void configure(HttpSecurity http) throws Exception { // @formatter:off http.antMatcher("/**") .authorizeRequests() .antMatchers("/", "/login**", "/webjars/**").permitAll() .anyRequest().authenticated() .and().exceptionHandling().authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/")) .and().logout().logoutSuccessUrl("/").permitAll() .and().csrf().csrfTokenRepository(csrfTokenRepository()) .and().addFilterAfter(csrfHeaderFilter(), CsrfFilter.class) .addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class); // @formatter:on } @Bean public FilterRegistrationBean oauth2ClientFilterRegistration( OAuth2ClientContextFilter filter) { FilterRegistrationBean registration = new FilterRegistrationBean(); registration.setFilter(filter); registration.setOrder(-100); return registration; } private Filter ssoFilter() { OAuth2ClientAuthenticationProcessingFilter wpFilter = new OAuth2ClientAuthenticationProcessingFilter("/login/wp"); OAuth2RestTemplate wpTemplate = new OAuth2RestTemplate(wp(), oauth2ClientContext); wpFilter.setRestTemplate(wpTemplate); wpFilter.setTokenServices(new UserInfoTokenServices(wpResource().getUserInfoUri(), wp().getClientId())); return wpFilter; } @Bean @ConfigurationProperties("wp.client") OAuth2ProtectedResourceDetails wp() { return new AuthorizationCodeResourceDetails(); } @Bean @ConfigurationProperties("wp.resource") ResourceServerProperties wpResource() { return new ResourceServerProperties(); } private Filter csrfHeaderFilter() { return new OncePerRequestFilter() { @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName()); if (csrf != null) { Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN"); String token = csrf.getToken(); if (cookie == null || token != null && !token.equals(cookie.getValue())) { cookie = new Cookie("XSRF-TOKEN", token); cookie.setPath("/"); response.addCookie(cookie); } } filterChain.doFilter(request, response); } }; } private CsrfTokenRepository csrfTokenRepository() { HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository(); repository.setHeaderName("X-XSRF-TOKEN"); return repository; } ``` * shuld be ok but every time i try to log I’ve got this message: There was an unexpected error (type=Unauthorized, status=401). Authentication Failed: Could not obtain access token * Plugin Author [Justin Greer](https://wordpress.org/support/users/justingreerbbi/) * (@justingreerbbi) * [10 years, 3 months ago](https://wordpress.org/support/topic/spring-boot-oauth2-authentication/#post-7130930) * I am unfamiliar with Spring so please forgive me. The message * > Authentication Failed: Could not obtain access token * is not part of WP OAuth Server if I recall correctly. Are you able to get a raw error response for the OAuth Server? That may help more. * Thread Starter [theswolf](https://wordpress.org/support/users/theswolf/) * (@theswolf) * [10 years, 3 months ago](https://wordpress.org/support/topic/spring-boot-oauth2-authentication/#post-7130944) * I was mismatching a URL: `accessTokenUri: http://localhost:8080/wordpress?oauth =access_token` should be `accessTokenUri: http://localhost:8080/wordpress?oauth =token` and all is working good thank you very much Justin. Viewing 4 replies - 1 through 4 (of 4 total) The topic ‘Spring-boot oauth2 authentication’ is closed to new replies. * ![](https://ps.w.org/oauth2-provider/assets/icon-256x256.gif?rev=2603051) * [WP OAuth Server (OAuth Authentication)](https://wordpress.org/plugins/oauth2-provider/) * [Frequently Asked Questions](https://wordpress.org/plugins/oauth2-provider/#faq) * [Support Threads](https://wordpress.org/support/plugin/oauth2-provider/) * [Active Topics](https://wordpress.org/support/plugin/oauth2-provider/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/oauth2-provider/unresolved/) * [Reviews](https://wordpress.org/support/plugin/oauth2-provider/reviews/) * 4 replies * 2 participants * Last reply from: [theswolf](https://wordpress.org/support/users/theswolf/) * Last activity: [10 years, 3 months ago](https://wordpress.org/support/topic/spring-boot-oauth2-authentication/#post-7130944) * Status: resolved