From 2640e69ab1ab4705094b7335231315044891b439 Mon Sep 17 00:00:00 2001
From: timis1
Date: Sat, 4 Feb 2023 22:41:35 +0200
Subject: [PATCH] JAVA-17611 GitHub Issue: oauth-client-server | got ERR_TOO_MANY_REDIRECTS after login
---
 .../com/baeldung/web/ArticlesController.java | 9 ++++++--
 .../config/AuthorizationServerConfig.java | 21 +++++++++++--------
 2 files changed, 19 insertions(+), 11 deletions(-)
diff --git a/oauth-authorization-server/client-server/src/main/java/com/baeldung/web/ArticlesController.java b/oauth-authorization-server/client-server/src/main/java/com/baeldung/web/ArticlesController.java
index 269225189..528c59519 100644
--- a/oauth-authorization-server/client-server/src/main/java/com/baeldung/web/ArticlesController.java
+++ b/oauth-authorization-server/client-server/src/main/java/com/baeldung/web/ArticlesController.java
@@ -3,11 +3,11 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
 import org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient;
+import org.springframework.ui.ModelMap;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.reactive.function.client.WebClient;
-
-import javax.servlet.http.HttpServletRequest;
+import org.springframework.web.servlet.ModelAndView;
 import static org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction.oauth2AuthorizedClient;
@@ -17,6 +17,11 @@ public class ArticlesController {
 @Autowired
 private WebClient webClient;
+ @GetMapping("/")
+ public ModelAndView redirectWithUsingRedirectPrefix(ModelMap model) {
+ return new ModelAndView("redirect:/articles", model);
+ }
+
 @GetMapping(value = "/articles")
 public String[] getArticles(
 @RegisteredOAuth2AuthorizedClient("articles-client-authorization-code") OAuth2AuthorizedClient authorizedClient
diff --git a/oauth-authorization-server/spring-authorization-server/src/main/java/com/baeldung/config/AuthorizationServerConfig.java b/oauth-authorization-server/spring-authorization-server/src/main/java/com/baeldung/config/AuthorizationServerConfig.java
index b27e589e1..42a309a97 100644
--- a/oauth-authorization-server/spring-authorization-server/src/main/java/com/baeldung/config/AuthorizationServerConfig.java
+++ b/oauth-authorization-server/spring-authorization-server/src/main/java/com/baeldung/config/AuthorizationServerConfig.java
@@ -1,9 +1,11 @@
 package com.baeldung.config;
-import com.nimbusds.jose.jwk.JWKSet;
-import com.nimbusds.jose.jwk.RSAKey;
-import com.nimbusds.jose.jwk.source.JWKSource;
-import com.nimbusds.jose.proc.SecurityContext;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+import java.util.UUID;
+
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.Ordered;
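Review bot: In ArticlesController, the new `redirectWithUsingRedirectPrefix` handler forwards its `ModelMap` into `new ModelAndView("redirect:/articles", model)`, and on a `redirect:` view Spring MVC appends simple-typed model attributes to the target URL as query parameters. Nothing visible in the hunk populates the model, so the parameter is dead weight today. Any attribute later contributed by a `@ModelAttribute` method or controller advice would land in the Location header, browser history and access logs. The target is a fixed path, so `public ModelAndView redirectToArticles() { return new ModelAndView("redirect:/articles"); }` does the same job without that exposure, and the name then says what the handler does. The rest of the class lies outside the hunk.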
@@ -19,12 +21,12 @@
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
 import org.springframework.security.oauth2.server.authorization.config.ProviderSettings;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.interfaces.RSAPrivateKey;
-import java.security.interfaces.RSAPublicKey;
-import java.util.UUID;
+import com.nimbusds.jose.jwk.JWKSet;
+import com.nimbusds.jose.jwk.RSAKey;
+import com.nimbusds.jose.jwk.source.JWKSource;
+import com.nimbusds.jose.proc.SecurityContext;
 @Configuration(proxyBeanMethods = false)
 public class AuthorizationServerConfig {
@@ -33,6 +35,7 @@ public class AuthorizationServerConfig {
 @Order(Ordered.HIGHEST_PRECEDENCE)
 public SecurityFilterChain authServerSecurityFilterChain(HttpSecurity http) throws Exception {
 OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http);
+ http.exceptionHandling(exceptions -> exceptions.authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login")));
 return http.formLogin(Customizer.withDefaults()).build();
 }
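Review bot: In `authServerSecurityFilterChain`, the added `authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login"))` answers every unauthenticated request that reaches the entry point on this chain with a 302 to the login page, so a non-browser caller gets an HTML redirect where a 401 would be more useful. Scoping it to HTML navigation keeps the browser flow intact: `http.exceptionHandling(exceptions -> exceptions.defaultAuthenticationEntryPointFor(new LoginUrlAuthenticationEntryPoint("/login"), new MediaTypeRequestMatcher(MediaType.TEXT_HTML)));` (plus the two matching imports). The chain that serves `/login` is not visible in this hunk; if that path is itself behind authentication, the redirect would loop, which is the symptom the commit title describes, so it is worth confirming that it is reachable anonymously. A one-line comment above the call saying why the entry point is set explicitly (presumably because `applyDefaultSecurity` does not install one) would help the next reader.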