Encoded password does not look like BCrypt

Question

I am using Spring Boot, Spring Security, OAuth2 and JWT to authenticate my application, but I keep getting this nasty error and I don\'t have any idea what is wrong. My

Answer 1

1. In case you've added "{bcrypt}" right before password, and not configured your app accordingly, you will get this error. Consider removing this.
2. If still not resolved, just set the column length of the user's password to 60( 68 if you've added {bcryt} at the beginning) Worked for me!

Answer 2

I got rid of this error message by using a long, 60 chars+ password e.g. CXPW3XT2vXwBZk9mYZ5eCrKPM8kXJC6bbwJQjtGq2NQRYQPzsvqTwYz8JvWhWD5KLrrUHHammBNV3tkkyA4U

Answer 3

For my own similar scenario I just encoded the password like this passwordEncoder().encode("password") instead of raw String "password":

authenticationManagerBuilder
  .inMemoryAuthentication()
  .withUser("user")
  // Just changed here
  .password(passwordEncoder().encode("password"))
  .roles("USER");


@Bean
public PasswordEncoder passwordEncoder() {
  return new BCryptPasswordEncoder();
}

Answer 4

use noop in secret for tests.

@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
    clients.inMemory()
            .withClient("angular")
            .secret("{noop}@ngular0")
            .scopes("read", "write")
            .authorizedGrantTypes("password")
            .accessTokenValiditySeconds(1800);
}

Answer 5

You are likely missing this bean in your Security configuration SecurityConfig

@Bean
public DaoAuthenticationProvider getAuthenticationProvider() {
    DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider();
    authenticationProvider.setUserDetailsService(customDetailsService);
    authenticationProvider.setPasswordEncoder(encoder());
    return authenticationProvider;
}