python (65.1k questions)

javascript (44.2k questions)

reactjs (22.7k questions)

java (20.8k questions)

c# (17.4k questions)

html (16.3k questions)

r (13.7k questions)

android (12.9k questions)

Questions - spring-security

Unable to authenticate application using Twitter OAuth with Spring Security OAuth2 Client

I’m trying to authenticate users from Twitter using Spring Security OAuth2 Client. I have the following configuration: spring: security: oauth2: client: registration: twi...
test-img

cbender

java

spring

spring-security

twitter

oauth-2.0

Votes: 0

Answers: 1

Latest Answer

You are not doing anything wrong just that you need a small update to your properties file because Twitter OAuth 2.0 only supports Authorization Code Flow with PKCE. This was a known issue with the Tw...
test-img

Habeeb Okunade

Unable to make the oauth2Login as stateless

I have provided the cookie based authorization request repository to oauth2Login() dsl to make it as stateless. but when I add the session creation policy as STATELESS , the oauth2 login is not workin...
test-img

Rajeev

spring

spring-security

spring-security-oauth2

spring-oauth2

Votes: 0

Answers: 1

Latest Answer

It is not so easy to have oauth2Login and stateless sessionManagement. The problem is that Spring needs to store information about OAuth 2.0 state parameter. Normally it is stored in session but when ...
test-img

Paweł Adamski

Provider ID must be specified for client registration 'azure'?

When I upgrade to Spring Boot 2.6.6, the app shows error like this: I have this dependencies on my pom.xml: <dependencies> <dependency> <groupId>org.springframework....
test-img

Rini Antony

spring

spring-boot

spring-security

oauth-2.0

azure-active-directory

Votes: 0

Answers: 1

Latest Answer

Please check if application properties has the provider configured and having correct scopes for the api required. Provided below some application properties.Please check for the missing ones or if ev...
test-img

kavyaS

Spring webflux with jwt + csrf token

I need to implement CSRF protection to my backend. I am using the below configurations. But applications allow Post and Get requests without CSRF token. @Slf4j @EnableWebFluxSecurity @EnableReactiveMe...
test-img

wthamira

vue.js

spring-security

spring-webflux

csrf

Votes: 0

Answers: 1

Latest Answer

By using the oauth2ResourceServer() DSL, you are telling Spring Security that you are not using cookie-based authentication, therefore you do not need CSRF protection. If you take a look at the OAuth2...
test-img

Marcus Hert da Coregio

Posts

Questions

Blogs

Jobs