Giters

spring-guides / tut-spring-security-and-angular-js

Spring Security and Angular:: A tutorial on how to use Spring Security with a single page application with various backend architectures, ranging from a simple single server to an API gateway with OAuth2 authentication.

Home Page:https://spring.io/guides/tutorials/spring-security-and-angular-js/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Changes to use a symmetric key on the JwtAccessTokenConverter of oauth2 vanilla project

demetrio345 opened this issue · comments

commented

Hi Dave,

I'm making changes to use a symmetric key on the JwtAccessTokenConverter on the authserver:


@Bean
	public JwtAccessTokenConverter jwtAccessTokenConverter() {
		JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
		converter.setSigningKey("123");
		return converter;
	}

After that I add the same converter on the resource server and both servers works(I can make request via Postman), but I cannot make it work with the ui server.
I tried to add the key-uri on the .yml file of ui server, but doesn't work:

resource:
      jwt:
        key-uri: http://localhost:9999/BCM/uaa/oauth/token_key

this URI gives the next response:
{"alg":"HMACSHA256","value":"123"}

I also tried to put the security.oauth2.resource.jwt.key-value as "123" on the yml, without success.

Any idea on how to make the UI work?

commented

Setting security.oauth2.resource.jwt.key-value should work, as long as you don’t set some other property that makes it redundant.