jhipster / generator-jhipster

JHipster is a development platform to quickly generate, develop, & deploy modern web applications & microservice architectures.
https://www.jhipster.tech
Apache License 2.0

Oauth2 autoconfig Request method 'POST' not supported #21079

Closed Diandson closed 1 year ago

Diandson commented 1 year ago
Overview of the issue

I generate a simple app and I want to use OAuth2 with client_credentials to authenticate other apps. Since version 7.0, io.github.jhipster => tech.jhipster and the Spring version changed. I would like to know whether the new JHipster dependencies cause the error or whether it is about the Spring version.

Motivation for or Use Case

Different config

```java
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
@Import(SecurityProblemSupport.class)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    private final JHipsterProperties jHipsterProperties;

    private final TokenProvider tokenProvider;

    private final CorsFilter corsFilter;
    private final SecurityProblemSupport problemSupport;

    @Autowired
    private UserDetailsService userDetailsService;

    @Bean
    @Override
    protected AuthenticationManager authenticationManager() throws Exception {
        return super.authenticationManager();
    }

    public SecurityConfiguration(
        TokenProvider tokenProvider,
        CorsFilter corsFilter,
        JHipsterProperties jHipsterProperties,
        SecurityProblemSupport problemSupport
    ) {
        this.tokenProvider = tokenProvider;
        this.corsFilter = corsFilter;
        this.problemSupport = problemSupport;
        this.jHipsterProperties = jHipsterProperties;
    }

    @Override
    public void configure(WebSecurity web) {
        web
            .ignoring()
            .antMatchers(HttpMethod.OPTIONS, "/**")
            .antMatchers("/app/**/*.{js,html}")
            .antMatchers("/i18n/**")
            .antMatchers("/content/**")
            .antMatchers("/swagger-ui/**")
            .antMatchers("/test/**");
    }

    @Override
    public void configure(HttpSecurity http) throws Exception {
        // @formatter:off
        http
            .csrf()
            .disable()
            .addFilterBefore(corsFilter, UsernamePasswordAuthenticationFilter.class)
            .exceptionHandling()
                .authenticationEntryPoint(problemSupport)
                .accessDeniedHandler(problemSupport)
        .and()
            .headers()
            .contentSecurityPolicy(jHipsterProperties.getSecurity().getContentSecurityPolicy())
        .and()
            .referrerPolicy(ReferrerPolicyHeaderWriter.ReferrerPolicy.STRICT_ORIGIN_WHEN_CROSS_ORIGIN)
        .and()
            .permissionsPolicy().policy("camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()")
        .and()
            .frameOptions()
            .deny()
        .and()
            .sessionManagement()
            .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
        .and()
            .authorizeRequests()
            .antMatchers("/api/authenticate").permitAll()
            .antMatchers("/api/register").permitAll()
            .antMatchers("/oauth/**").permitAll()
            .antMatchers("/api/activate").permitAll()
            .antMatchers("/api/account/reset-password/init").permitAll()
            .antMatchers("/api/account/reset-password/finish").permitAll()
            .antMatchers("/api/admin/**").hasAuthority(AuthoritiesConstants.ADMIN)
            .antMatchers("/api/**").authenticated()
            .antMatchers("/websocket/**").authenticated()
            .antMatchers("/management/health").permitAll()
            .antMatchers("/management/health/**").permitAll()
            .antMatchers("/management/info").permitAll()
            .antMatchers("/management/prometheus").permitAll()
            .antMatchers("/management/**").hasAuthority(AuthoritiesConstants.ADMIN)
        .and()
            .httpBasic()
        .and()
            .apply(securityConfigurerAdapter());
        // @formatter:on
    }

    private JWTConfigurer securityConfigurerAdapter() {
        return new JWTConfigurer(tokenProvider);
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new NexctPasswordEncoder();
    }

    @Bean
    public PasswordEncoder passwordEncoder2() {
        return new BCryptPasswordEncoder();
    }

    @Bean
    public DaoAuthenticationProvider daoAuthenticationProvider(){
        DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
        daoAuthenticationProvider.setPasswordEncoder(passwordEncoder2());
        daoAuthenticationProvider.setUserDetailsService(userDetailsService);
        return daoAuthenticationProvider;
    }

    @Bean
    public AjaxLogoutSuccessHandler ajaxLogoutSuccessHandler() {
        return new AjaxLogoutSuccessHandler();
    }

}
```

```java
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private UserDetailsService userDetailsService;

    @Autowired
    private JdbcTemplate jdbcTemplate;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Value("${security.signing-key}")
    private String signingKey;

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        converter.setSigningKey(signingKey);

        endpoints.tokenStore(tokenStore(jdbcTemplate))
                .reuseRefreshTokens(false)
                .accessTokenConverter(converter)
                .authenticationManager(authenticationManager)
                .userDetailsService(userDetailsService);
    }

    @Override
    public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
        oauthServer.passwordEncoder(passwordEncoder);
        oauthServer.tokenKeyAccess("hasAuthority('ROLE_TRUSTED_CLIENT')")
                .checkTokenAccess("hasAuthority('ROLE_TRUSTED_CLIENT')");
        oauthServer.allowFormAuthenticationForClients();
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer config) throws Exception {
        config.jdbc(jdbcTemplate.getDataSource());
    }

    @Bean
    public TokenStore tokenStore(JdbcTemplate jdbcTemplate) {
        return new JdbcTokenStore(Objects.requireNonNull(jdbcTemplate.getDataSource()));
    }

    @Bean
    @Primary
    public DefaultTokenServices tokenServices() {
        DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
        defaultTokenServices.setTokenStore(tokenStore(jdbcTemplate));
        defaultTokenServices.setSupportRefreshToken(true);
        return defaultTokenServices;
    }

}
```

Reproduce the error

```
2023-02-11 02:00:29.547 DEBUG 24249 --- [ restartedMain] c.a.JHipsterSpringDocGroupsConfiguration : Initializing JHipster OpenApi customizer
2023-02-11 02:00:30.289 DEBUG 24249 --- [ restartedMain] c.a.JHipsterSpringDocGroupsConfiguration : Initializing JHipster OpenApi default group
2023-02-11 02:00:30.291 DEBUG 24249 --- [ restartedMain] c.a.JHipsterSpringDocGroupsConfiguration : Initializing JHipster OpenApi management group
2023-02-11 02:00:30.981 INFO 24249 --- [ restartedMain] org.jboss.threads : JBoss Threads version 3.1.0.Final
2023-02-11 02:00:31.051 INFO 24249 --- [ restartedMain] com.m2i.authmanager.AuthManagerApp : Started AuthManagerApp in 8.71 seconds (JVM running for 10.054)
2023-02-11 02:00:31.056 INFO 24249 --- [ restartedMain] com.m2i.authmanager.AuthManagerApp :

Application 'AuthManager' is running! Access URLs:
Local:      http://localhost:8080/
External:   http://127.0.0.1:8080/
Profile(s):     [dev, api-docs]

en$2a$10$bQVczQTY.Pe9ZcJ/V4r1Le1Py4D1HqTGNLvNR6vv8VyOTNlh0Dms2
arg0$2a$10$bQVczQTY.Pe9ZcJ/V4r1Le1Py4D1HqTGNLvNR6vv8VyOTNlh0Dms2
2023-02-11 02:00:37.168 WARN 24249 --- [ XNIO-1 task-1] o.z.problem.spring.common.AdviceTraits : Method Not Allowed: Request method 'POST' not supported
2023-02-11 02:00:37.223 WARN 24249 --- [ XNIO-1 task-1] .m.m.a.ExceptionHandlerExceptionResolver : Resolved [org.springframework.web.HttpRequestMethodNotSupportedException: Request method 'POST' not supported]
en$2a$10$bQVczQTY.Pe9ZcJ/V4r1Le1Py4D1HqTGNLvNR6vv8VyOTNlh0Dms2
arg0$2a$10$bQVczQTY.Pe9ZcJ/V4r1Le1Py4D1HqTGNLvNR6vv8VyOTNlh0Dms2
2023-02-11 02:00:45.468 WARN 24249 --- [ XNIO-1 task-1] o.z.problem.spring.common.AdviceTraits : Method Not Allowed: Request method 'POST' not supported
2023-02-11 02:00:45.470 WARN 24249 --- [ XNIO-1 task-1] .m.m.a.ExceptionHandlerExceptionResolver : Resolved [org.springframework.web.HttpRequestMethodNotSupportedException: Request method 'POST' not supported]
```

Related issues
Suggest a Fix
JHipster Version(s)
JHipster configuration
Entity configuration(s) entityName.json files generated in the .jhipster directory
Browsers and Operating System

Diandson commented 1 year ago

I notice that in a simple Spring Boot app this is working fine with the same version of Spring.

Someone help please #21076 #20869 @mraible @jdigger @jkutner @gunnarahlberg

mraible commented 1 year ago

It looks like you're using JWT authentication. I believe you need to choose OAuth to use client credentials.

Diandson commented 1 year ago

Yes, I keep JWT because even if I remove it the problem still exists. The thing is that I don't want a login redirection; I want to log in to the application using OAuth2 client credentials in the background and log the user in again with JWT. /oauth/token always returns method POST not supported.

github-actions[bot] commented 1 year ago

This issue is stale because it has been open for too long without any activity. Due to the moving nature of JHipster-generated applications, bugs can become invalid. If this issue still applies, please comment; otherwise it will be closed in 7 days.

mshima commented 1 year ago

We need jhipster info output of the application to reproduce. Since you have customized code, please post at stackoverflow.