spring-boot spring-security oauth-2.0 spring-security-oauth2 spring-webclient

authorization code flow without code_challenge_method & code_challenge via spring-security-oauth2-client

We have identity server which does not support PKCE. It cannot be modified to include PKCE.

I am trying to implement authorization code flow on same identity server using spring-security-oauth2-client , spring-boot-starter-security & webclient. The generated authorization code uses code_challenge_method & code_challenge which is giving error while accessing token. Is there any way in spring to not use PKCE by default?

I am using spring boot version 2.3.4.RELEASE

Solution

Spring Security will use PKCE only, if the client doesn't have a client-secret configured.

https://docs.spring.io/spring-security/site/docs/5.4.2/reference/html5/#oauth2Client-auth-code-grant

Search from database and display it in web page using spring boot + html
Find/Remove in @DBref list items in MongoDB for Spring
Spring Boot control target JAR file name
Name for argument of type [java.lang.String] not specified, and parameter name information not available via reflection
Cannot load configs from Config Server - No suitable HttpMessageConverter
How to prevent Spring Boot/Hibernate from converting entity column names from PascalCase to snake_case?
How to specify target architecture when using Spring Boot gradle task bootBuildImage
Error executing DDL "create table in Spring Data JPA?
not able to call upload file API using RestTemplate
How to Add JVM Arguments in Azure Application Service?
How to handle microservice Interaction when one of the microservice is down
Lombok classes not generated
LdapCtxFactory because module java.naming does not export com.sun.jndi.ldap to unnamed module
Is it possible to use @Transactional and kotlin coroutines in spring boot?
How to convert spring boot app with Okta to read okta groups
How to add Header - Authorization for swagger 3, spring boot
SpringBoot RestTemplate ignores spring.jackson.serialization.WRITE_DATES_AS_TIMESTAMPS = false
Spring Boot 1.5.1 caches JSP
How does Spring Boot control Tomcat cache?
How can I change the default location of log4j2.xml in Java Spring Boot?
Spring Boot application is encountering a NullPointerException after running for a while
Problem connecting springboot to mysql with docker-compose
Map as parameter in RestAPI Post request
Cause ERROR Recursive call to appender. Is there a way to solve it?
Swagger-ui keeps showing example petstore instead of my API
Apache Spark with Spring boot - failed to start exception Factory method 'javaSparkContext' threw exception with message: javax/servlet/Servlet
Reactive Mongo secondaryPreferred
Flyway: Found non-empty schema(s) "public" without schema history table! Use baseline() - on Empty database
Spring boot not loading log4j2.xml
@Repository not necessary when implementing JpaRepository?