I am implementing my own Spring Security authentication provider to authenticate users. The authentication server is remote (a RESTful service). Every time I call my service I get the error below, even though execution reaches this line:
return new UsernamePasswordAuthenticationToken(userDetails, authentication.getCredentials().toString(), grantedAuthorities);
{"error":"invalid_client","error_description":"Bad client credentials"}
Here is my code:
CustomAuthenticationProvider
/**
 * Authentication provider that delegates the credential check to a remote REST login
 * service: the principal and credentials are POSTed as JSON to {@code getLoginUrl()} and
 * a {@code UserDetails} object is populated from the response.
 *
 * <p>The listing is truncated on the page: the {@code try} block, the method and the class
 * are never closed, and {@code socketFactoryRegistry} and {@code getLoginUrl()} are not
 * defined in the visible part.
 */
public class CustomAuthenticationProvider implements AuthenticationProvider {
    /**
     * Sends the submitted username and password to the remote login endpoint and starts
     * building the authenticated user from the reply.
     *
     * @param authentication the request; its principal and credentials are cast to String
     * @return not visible here (the listing stops before any return statement)
     * @throws AuthenticationException declared; no throw site is visible in the listing
     */
    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        // NOTE(review): a request factory, a connection pool and an HTTP client are created on
        // every authenticate() call and nothing visible closes them. The client passed to the
        // constructor (HttpClients.createDefault()) is replaced by setHttpClient() below.
        // Building the RestTemplate once and reusing it would avoid leaking pools per login.
        HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(HttpClients.createDefault());
        // 60 * 1000 ms = 60 s for both connect and socket timeouts.
        RequestConfig requestConfig = RequestConfig.custom().setConnectTimeout(60 * 1000)
                .setSocketTimeout(60 * 1000).build();
        // socketFactoryRegistry is defined outside the listing; it decides which schemes
        // (and which TLS settings, if any) the pooled connections use - TODO confirm.
        PoolingHttpClientConnectionManager poolingHttpClientConnectionManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
        poolingHttpClientConnectionManager.setMaxTotal(20);
        poolingHttpClientConnectionManager.setDefaultMaxPerRoute(20);
        // Despite its name, httpClientBuilder holds the built client, not a builder.
        CloseableHttpClient httpClientBuilder = HttpClientBuilder.create()
                .setConnectionManager(poolingHttpClientConnectionManager).setDefaultRequestConfig(requestConfig)
                .build();
        requestFactory.setHttpClient(httpClientBuilder);
        RestTemplate restTemplate = new RestTemplate(requestFactory);
        UserInfoRequestBean userInfoRequestBean = new UserInfoRequestBean();
        // Unchecked casts: a principal or credentials object that is not a String would fail
        // here with ClassCastException rather than an AuthenticationException.
        String username = (String)authentication.getPrincipal();
        userInfoRequestBean.setUsername(username);
        // The plaintext password goes into the JSON request body. NOTE(review): confirm that
        // getLoginUrl() is an https URL and that request bodies are not logged on either side.
        userInfoRequestBean.setPassword((String)authentication.getCredentials());
        HttpHeaders headers = new HttpHeaders();
        headers.setContentType(MediaType.APPLICATION_JSON);
        HttpEntity<?> httpEntity = new HttpEntity<UserInfoRequestBean>(userInfoRequestBean, headers);
        try{
            // The anonymous ParameterizedTypeReference keeps the generic response type for
            // deserialization.
            ResponseBean<LoginResponseBean> responseBody = restTemplate.exchange(getLoginUrl(), HttpMethod.POST, httpEntity,
                    new ParameterizedTypeReference<ResponseBean<LoginResponseBean>>() {}).getBody();
            // UserDetails is instantiated directly, so it is presumably a project class rather
            // than Spring Security's UserDetails interface.
            UserDetails userDetails = new UserDetails();
            // NOTE(review): responseBody and getResult() are dereferenced without null checks;
            // an empty or failed-login reply would surface as a NullPointerException unless the
            // catch clause (not visible) maps it to an AuthenticationException.
            userDetails.setGender(responseBody.getResult().getGender());
            userDetails.setLastLoginDate(new Date());
            userDetails.setYaghutSessionId(responseBody.getResult().getSessionId());
            userDetails.setName(responseBody.getResult().getName());
            userDetails.setUsername(username);
            List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
            // Listing ends here on the page. No authority is added to grantedAuthorities in
            // the visible code, and the catch/finally and return statement are not shown.
Spring Security Configurations
<!-- Fragment of a Spring XML context; the enclosing root element is not shown on the page. -->
<bean id="oauthAccessDeniedHandler"
      class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler" />

<!--
  Handles client_id / client_secret sent as request parameters to the token endpoint.
  It is wired to customAuthenticationManager, whose only provider is customProvider.
  NOTE(review): this means OAuth client credentials are verified by the same provider that
  checks end-user logins, i.e. they are forwarded to the remote user login service as if
  they were a username and password. Spring Security OAuth2 setups usually give the token
  endpoint a separate authentication manager backed by ClientDetailsUserDetailsService.
  Confirm the sharing is intended; it may be related to the invalid_client response.
-->
<bean id="clientCredentialsTokenEndpointFilter"
      class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
    <property name="authenticationManager" ref="customAuthenticationManager" />
</bean>

<!-- Entry point that answers unauthenticated token requests with a Basic challenge for realm test/client. -->
<bean id="clientAuthenticationEntryPoint"
      class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
    <property name="realmName" value="test/client" />
    <property name="typeName" value="Basic" />
</bean>

<bean id="customProvider" class="com.adpdigital.idm.security.provider.CustomAuthenticationProvider" />

<!-- Single authentication manager in this fragment; it is used for every authentication on /oauth/token. -->
<authentication-manager id="customAuthenticationManager"
                        xmlns="http://www.springframework.org/schema/security">
    <authentication-provider ref="customProvider" />
</authentication-manager>

<!--
  Stateless filter chain for the token endpoint: anonymous access is disabled and the
  request must be fully authenticated, via HTTP Basic or via the client-credentials filter
  placed after the Basic filter. Both paths authenticate against customAuthenticationManager.
-->
<http pattern="/oauth/token" create-session="stateless"
      authentication-manager-ref="customAuthenticationManager"
      xmlns="http://www.springframework.org/schema/security">
    <intercept-url pattern="/oauth/token" access="IS_AUTHENTICATED_FULLY"/>
    <anonymous enabled="false"/>
    <http-basic entry-point-ref="clientAuthenticationEntryPoint" />
    <custom-filter ref="clientCredentialsTokenEndpointFilter" after="BASIC_AUTH_FILTER" />
    <access-denied-handler ref="oauthAccessDeniedHandler" />
</http>