Simple Token Authentication for Java Apps

Simple Token Authentication for Java Apps

This article explores the benefits of token authentication with JWTs for Java apps.

aviral75

"this time including your token (depending on how much time has passed, you may need to request a fresh token):" can time to expiry be fixed per token or its always a constant value?

Matt Raible

You can change the expiry time by setting up a policy rule. By default, the ID and Access Tokens are valid for 60 min and the Refresh is 100 days. https://uploads.disquscdn.c…

testBot

I am seeing below error message

additional filter chain; firing Filter: 'OAuth2AuthenticationProcessingFilter’
2021-02-07 07:37:28.531 DEBUG [601f98b8f362e8c4fea5db15157bf77c,fea5db15157bf77c,true] 15420 — [nio-8080-exec-1] p.a.OAuth2AuthenticationProcessingFilter : Authentication request failed: error=“invalid_token”, error_description=“Invalid access token: eyJraWQiOiJzSlBLNlRpbGkxTU0ySzc3VC12RlJ3LVJzSm1LMUhQaVdJdkFYMy1WRUJJIiwiYWxnIjoiUlMyNTYifQ.eyJ2ZXIiOjEsImp0aSI6IkFULlY4SmwxZDdNcmpNT0F1ajJrVzIxUkZENEhHZkRuRWFSWmNTSzBvMVZnbFkiLCJpc3MiOiJodHRwczovL2Rldi00MzY1NzQxLm9rdGEuY29tL29hdXRoMi9kZWZhdWx0IiwiYXVkIjoiYXBpOi8vZGVmYXVsdCIsImlhdCI6MTYxMjY4MTY4OCwiZXhwIjoxNjEyNjg1Mjg4LCJjaWQiOiIwb2FrYWJhN0NDWFkxTFJDNzVkNSIsInNjcCI6WyJjdXN0b21TY29wZSJdLCJzdWIiOiIwb2FrYWJhN0NDWFkxTFJDNzVkNSJ9.wGElBYS60RjIzQJewC7y6wrUnXbzeqLBdsnQpTCxqZYAzp9O0-jTwSii6gabb8uDDt2npOuqUrd0rd4H1JANoD_g1q6eGlXDwzjUovkkHu7C1jaBp4KPMRI87m9YD9a9U7c4wivsP-j69j1CjWkXbGaINpB9f2Hp7-Y9D7_SI0tXuAzUIqsJwTNS48MzccJyWSRjxZGPs_fSVIImFTsRnWvjKawr0UvUHuvYZzT15VqHMUCUf-ybZIF9kcOpaX0CpkXTEOlZv5_KrqRGgaQPKrV68k7gsP5w2aUrL-wAMQh248mHdJmKml3fkmtjbBarUro8k9EPJBMDa5WzhbgO7A”

Matt Raible

Are you using the default authorization server for your issuer? If you use your org’s authorization server, you can’t validate tokens and you’ll get an error similar to the one you posted here. See our Authorization Servers documentation for more information.

isilona

Got the same error following this blog.
In my case the problem appeared to be because of using the newest library versions
After removing the deprecated @EnableResourceServer annotation, error disappeared