Search code examples
spring-bootspring-securityspring-oauth2

Spring Boot oauth2 : Full authentication is required to access this resource

I am starting configuration OAuth2 in SpringBoot with Postgresql DB. After request token in Postman I am getting error:

{
    "error": "unauthorized",
    "error_description": "Full authentication is required to access this resource"
}

with payload:

curl --location --request POST 'localhost:9000/oauth/token' \
     --header 'Content-Type: application/x-www-form-urlencoded' \
     --header 'Authorization: Basic Y2xpZW50SWQ6c2VjcmV0' \
     --data-urlencode 'grant_type=password' \
     --data-urlencode 'username=user' \
     --data-urlencode 'password=pass'

ResourceServer configuration:

@Configuration
@EnableResourceServer
public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter
{
    private static final String ROOT_PATTERN = "/**";


    @Override
    public void configure(HttpSecurity http) throws Exception
    {
        http.authorizeRequests()
            .antMatchers(HttpMethod.GET, ROOT_PATTERN).access("#oauth2.hasScope('read')")
            .antMatchers(HttpMethod.POST, ROOT_PATTERN).access("#oauth2.hasScope('write')")
            .antMatchers(HttpMethod.PATCH, ROOT_PATTERN).access("#oauth2.hasScope('write')")
            .antMatchers(HttpMethod.PUT, ROOT_PATTERN).access("#oauth2.hasScope('write')")
            .antMatchers(HttpMethod.DELETE, 
                                          ROOT_PATTERN).access("#oauth2.hasScope('write')");
    }
}

I checked request data, all is correct. I can't found how problem is occur.

Solution

  • I found problem:

    @Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, proxyTargetClass = true)
class WebSecurityConfiguration extends WebSecurityConfigurerAdapter
{
    private final DataSource dataSource;
    private PasswordEncoder passwordEncoder;
    private UserDetailsService userDetailsService;

    @Autowired
    public WebSecurityConfiguration(final DataSource dataSource)
    {
        this.dataSource = dataSource;
    }

    @Override
    protected void configure(final AuthenticationManagerBuilder auth) throws Exception
    {
        auth.userDetailsService(userDetailsService())
                .passwordEncoder(passwordEncoder());
    }

    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception
    {
        return super.authenticationManagerBean();
    }

    @Bean
    public PasswordEncoder passwordEncoder()
    {
        if (passwordEncoder == null) {
            this.passwordEncoder = new BCryptPasswordEncoder();
        }

        return passwordEncoder;
    }

    @Bean
    public UserDetailsService userDetailsService()
    {
        if (userDetailsService == null) {
            userDetailsService = new JdbcDaoImpl();
            ((JdbcDaoImpl) userDetailsService).setDataSource(dataSource);
        }

        return userDetailsService;
    }
}

    As you can see, I use JdbcDaoImpl for UserDetailsService and by default it query on public schema but my schema is something else.

    Now changed config like this:

    spring.datasource.url=jdbc:postgresql://localhost:5432/MY_DB?currentSchema=MY_SCHEMA_NAME