spring-security-oauth2

As context, I've been trying to get a fairly simple @SprintBootApplication with an additional @EnableOAuth2Sso annotation integrated with WSO2 Identity Server for quite some time now. In my mind getting this working should be a matter of configuration (as advertised on Spring Cloud Security ) - but I've had no luck thus far. In an effort to understand what is going on I've used my debugger to step through spring-security-oauth2 code to figure out what is going on. In doing so I've noticed that my AccessTokenRequest's PreservedState is perpetually null with a resultant CSRF related

I am able to include additional information into the access token implementing my own TokenEnhancer, but such info is included twice. One in the encoded access_token, and the other in the auth server response. Long story short! I request an access token with right credentials, and I get this response: { "access_token" : "eyJhbGciOiJSUzI1NiJ9.eyJjbGllbnRJZCI6Ik1ZX0NVU1RPTV9JTkZPX0NMSUVOVCIsInVzZXJfbmFtZSI6IlVTRVIiLCJzY29wZSI6WyJGT08iXSwiZXhwIjoxNTA2MzkwOTM5LCJhdXRob3JpdGllcyI6WyJST0xFX1VTRVIiXSwianRpIjoiZjJkYWFkM2ItYzkzOC00ZjExLWI3ODctMzExZDdlNjYzYzhhIiwiY2xpZW50X2lkIjoid2ViX2FwcCJ9

I just want to know if there is any way to skip User approval screen in Spring Boot - Spring Security OAuth2. I heard about custom user approval handler but I am quite not sure how to override it to disable user approval process and do a direct redirect. Thanks You don't need a custom handler to skip approval (since 2.0 anyway). You just set the autoApprove flag in the client details to "true" (or a list of scope patterns to auto approve). Pedro Madrid This is how I changed it in my JHipster application: @Override public void configure(ClientDetailsServiceConfigurer clients) throws Exception {

I try to implement my own example based on official tutorial Sparklr2/Tonr2 . Everything looks good but when I remove from web.xml in my Tonr2 implementation, spring security filter I have exception: No redirect URI has been established for the current request I can't understand what URL should I use. Here is my code, for client implementation: <!--apply the oauth client context --> <oauth:client id="oauth2ClientFilter" /> <!--define an oauth 2 resource for sparklr --> <oauth:resource id="provider" type="authorization_code" client-id="client" client-secret="secret" access-token-uri="http:/

I am trying to implement a spring AuthorizationServer with JWT. I was able to produce JWT tokens and login until I added BCrypt to the mix. Now, when I am trying to login, I get "Bad credentials" from the API. OAuth2Configuration.java @Configuration @EnableAuthorizationServer public class OAuth2Configuration extends AuthorizationServerConfigurerAdapter { private DataSource dataSource; private AuthenticationManager authenticationManager; private BCryptPasswordEncoder passwordEncoder; public OAuth2Configuration(AuthenticationManager authenticationManager) { this.authenticationManager =