spring-security-oauth2

I am implementing a spring boot application that needs to provide OAuth2 token authorization and support multiple social services (google+, facebook etc). The user should be able to select his preferred social network and sign-in using the OAuth2 authorization framework. I am implementing the above using the approach described here http://cloud.spring.io/spring-cloud-security/ . Currently my application.yml looks like this spring: oauth2: client: clientId: {{my app's google id} clientSecret: {{my app's google secret code}} etc... Also, the spring boot main class is annotated as

I'm having an rest application which is written using spring framework and using spring oauth2 for security.. And whenever I'm calling this rest services from my Angular App , I'm getting a CORS error.. both applications are running on my local machine(localhost) but with different port(8080 for backend java and 3000 for frontend).. I've added @crossorigin() in my controller of backend application and all the cross origin for resources APIs are fixed.. but for spring oauth2 authentication url(/oauth/token) this is happening always.. I've tried many ways , but it won't solved my issue. Anyone

I am using spring security oauth in my project. I am excluding some urls from authentication by configuring in spring security ResourceServerConfigurerAdapter. I added http.authorizeRequests().antMatchers(url).permitAll() . Now, what I am seeing is that, if I don't pass the Authorization header to these urls, it is not authenticated. And the API is called properly. If the call is made with an Authorization header, then it validates the token and fails the call if the token is not validated. My question is what do I need to do so that the token is ignored in the request for which I have

First of all, I disabled basic auth: security.basic.enabled=false Then I access the authorization page: http://localhost:8080/oauth/authorize?client_id=client&response_type=code&redirect_uri=http://www.baidu.com I got following exception: org.springframework.security.authentication.InsufficientAuthenticationException: User must be authenticated with Spring Security before authorization can be completed. at org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint.authorize(AuthorizationEndpoint.java:138) ~[spring-security-oauth2-2.0.10.RELEASE.jar:na] at sun.reflect

I just had hard time to get my controllers unit tests working because, IMO, what is in Spring doc is not enough if using OAuth. In my case, it's Oauth2 with JWT. I tried to use @WithMockUser , @WithUserDetails and even define my own annotation with @WithSecurityContext and a custom UserSecurityContextFactory but always got anonymous user in the UserSecurityContext when security expression where evaluated, whatever I set the test context to in my factory... I propose the solution I came to just under, but as I'm not sure mocking the TokenService is the most efficient / clean way to go, please