Running spring.bat run ../helloOAuth.groovy gives:
org.springframework.security.oauth2.client.resource.UserRedirectRequiredException:
**A redirect is required to get the users approval**
at org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider.getRedirectForAuthorizatiookenProvider.java:359) ~[spring-security-oauth2-2.0.14.RELEASE.jar:na]
I’m behind a corporate firewall so have set proxy values using JAVA_OPTS environment variable
set JAVA_OPTS="-Dhttp.proxyHost=xxx -Dhttp.proxyPort=xxx -Dhttp.proxyUser=xxx -Dhttp.proxyPassword=xxx"
and mine was from the earlier step that just returned Hello World.
I get redirected off to the login page. But, after login the redirect is to http://localhost:8080/login?state=Qfdm3A&error=invalid_scope&error_description=The+authorization+server+resource+does+not+have+any+configured+default+scopes%2C+%27scope%27+must+be+provided.
I’ve tried setting a default scope, but can’t edit any of the existing settings.
The whitelabel error page doesn’t tell you anything, but your browser’s address window does: no scopes were requested. Modify application.yml to have a scope property at the same level as clientAuthenticationScheme. These are some standard OIDC scopes.
clientAuthenticationScheme: form
scope: openid profile email
Back on the corporate network (no choice this morning) and I get all the way through the login process, but return to localhost with:
http://localhost:8080/login?code=7T4ZHrIGa5GYwFJYWP4B&state=5xM8Bn
Whitelabel Error Page
This application has no explicit mapping for /error, so you are seeing this as a fallback.
Fri Oct 20 08:53:44 BST 2017
There was an unexpected error (type=Unauthorized, status=401).
Authentication Failed: Could not obtain access token
Digging in to the logs this is due to a failed POST
I/O error on POST request for "https://dev-122772.oktapreview.com/oauth2/default/v1/token": Socket is not connected
I’ll try again when I can get off-network and see if that helps.