Spring Cloud OpenFeign OAuth 2.0 Client Credentials Non-interactive S2S Authentication With Spring Security 5

#build.gradle
implementation 'org.springframework.boot:spring-boot-starter-web'
implementation 'org.springframework.boot:spring-boot-starter-oauth2-client'
implementation 'org.springframework.cloud:spring-cloud-starter-openfeign'
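#application.yml
spring.security.oauth2.client:
  registration:
    # Repeat block for any number of AuthZ servers
    bar-auth: # unique supplier service name
      client-id: DUMMY_CLIENT_ID_XXX
      # Placeholder value only: supply the real secret from the environment or a
      # secret store (the way token-uri below uses ${...}), not from a committed file.
      client-secret: DUMMY_CLIENT_SECRET_YYYY
      authorization-grant-type: client_credentials
      # "post" sends the client id and secret in the token request body; newer
      # Spring Security 5 releases also accept the name client_secret_post.
      client-authentication-method: post
  provider:
    # Repeat block for any number of AuthZ servers
    bar-auth: # same id as the registration above
      # Use an https:// base URI so the client secret is not sent in clear text.
      token-uri: ${BAR_AUTH_SERVER_URI}/oauth/token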
#ConsumerApplication.java
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.openfeign.EnableFeignClients;
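/**
 * Boot entry point for the consuming service.
 *
 * <p>{@code @EnableFeignClients} (plural, matching the import above) is what makes Spring
 * Cloud OpenFeign create beans for the {@code @FeignClient} interfaces in this application.
 */
@SpringBootApplication
@EnableFeignClients
public class ConsumerApplication {

  /**
   * Starts the Spring application context.
   *
   * @param args command-line arguments; not forwarded to Spring Boot by this listing
   */
  public static void main(final String[] args) {
    SpringApplication.run(ConsumerApplication.class);
  }
}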
#BarClient.java
import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.web.bind.annotation.GetMapping;

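/**
 * Declarative Feign client for the "bar" service at {@code https://bar.com}.
 *
 * <p>Per-client settings come from {@code BarAuthZConfiguration}, which is not part of this
 * listing. Presumably it attaches the access token obtained for the {@code bar-auth}
 * registration to outgoing requests; confirm against that class.
 *
 * <p>NOTE(review): a class passed as {@code configuration} should not also be picked up by
 * component scanning. If it is, its beans become the default for every Feign client, and a
 * token meant for this service could be sent to other hosts.
 */
@FeignClient(
    name = "bar",
    url = "https://bar.com",
    configuration = BarAuthZConfiguration.class)
public interface BarClient {

  /**
   * Issues {@code GET /listAll} against the bar service.
   *
   * @return the response mapped to a {@code BarResult}
   */
  @GetMapping("/listAll") // the path must be a quoted string literal
  BarResult listAll();
}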
#SecurityConfig.java
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * Opens every inbound endpoint of this service to unauthenticated callers.
 *
 * <p>The OAuth 2.0 client starter brings Spring Security onto the classpath, and Spring Boot
 * then requires authentication for inbound requests by default. In this example OAuth 2.0 is
 * used only for outbound calls to external services, so the inbound rule is relaxed here.
 *
 * <p>NOTE(review): {@code anyRequest().permitAll()} covers all paths, not a whitelist of
 * selected ones. If the service exposes anything that must be protected, match the public
 * paths explicitly and require authentication for the rest.
 */
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

  /**
   * Replaces the default authorization rule with "permit everything".
   *
   * <p>Only the authorization rule is set here; no other {@code HttpSecurity} option is
   * touched by this method.
   *
   * @param http the security builder supplied by Spring Security
   * @throws Exception if the builder rejects the configuration
   */
  @Override
  protected void configure(final HttpSecurity http) throws Exception {
    http
        .authorizeRequests()
        .anyRequest()
        .permitAll();
  }
}
  • Authentication
  • Authorization
  • Token Cache
  • Token Refresh
  • Concurrency

Amith Kumar

Lead Full Stack & DevOps Engineer