Oauth2 Java Config JDBC

Question

I have a working example of oauth2 and rest with inmemory authentication and authorization for the client and owner of the resource. I am trying to convert that to the JDBC authentication and authorization sans much success. I keep getting Bad Credentials error. The Filters security goes through is quite confusing for me to debug:-)

Inserted is my java code which for now uses an inmemory authentication user, but not for the client. The schema is the same as this.

Is there a complete working example of oauth2.0 using jdbc authentication and authorization with Java Configuration somewhere?

-------------------Code below--

public class WebSecurityConfig extends OAuth2ServerConfigurerAdapter {
    private final static Logger logger = LogFactory.getLogger(WebSecurityConfig.class);



    private JdbcClientDetailsService jdbcClientDetailsService;
    private JdbcTokenStore jdbcTokenStore;
    private JdbcUserDetailsManagerConfigurer jdbcUserDetailsManagerConfigurer;
    // @formatter:off
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        OAuth2ServerConfigurer oAuth2ServerConfigurer = new OAuth2ServerConfigurer( ).tokenStore(jdbcTokenStore);
        http
            .requestMatchers()
                .and()
            .authorizeRequests()
                .antMatchers("/").permitAll()
                .anyRequest().authenticated()
                .and()
            .apply(oAuth2ServerConfigurer);
        http.setSharedObject(ClientDetailsService.class, jdbcClientDetailsService);

    }
    // @formatter:on

//  // @formatter:off
//  @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//        int validityInSec = Integer.parseInt(validtityInSeconds);

        auth
                .userDetailsService(new InMemoryUserDetailsManager(getUserDetails()));

    }
    // @formatter:on
//
    private  final Collection<UserDetails> getUserDetails() {
        List<UserDetails> userDetails = new ArrayList<UserDetails>();
        userDetails.add(new User("auction", "password", AuthorityUtils.createAuthorityList(
                "USER", "read", "write")));
        return userDetails;
    }


    @Autowired
    @Qualifier("oauth_details_ds")
    public void setDataSource(DataSource dataSource){
        jdbcClientDetailsService = new JdbcClientDetailsService(dataSource);
        jdbcTokenStore =  new JdbcTokenStore(dataSource);
//        try {
//            jdbcUserDetailsManagerConfigurer = new JdbcUserDetailsManagerConfigurer().dataSource(dataSource);
//        } catch (Exception e) {
//            logger.error("Bad code design: ",e);
//            e.printStackTrace();
//        }
    }



}

Answer 1

I'm using the same schema from the url you put in your question. I'm using postgres, so I had to change some of the types (varchar -> character varying, LONGVARBINARY -> bytea). In addition to that my datasource is set up in a separate config class and looks like this:

@Bean
public DataSource dataSource() {
    BoneCPDataSource dataSource = new BoneCPDataSource();

    dataSource.setDriverClass("org.postgresql.Driver");
    dataSource.setJdbcUrl("jdbc:postgresql://localhost/oauthDB");
    dataSource.setUsername("my_username");
    dataSource.setPassword("*****");

    return dataSource;
}

I'm using the example provided in Sparklr2 (https://github.com/spring-projects/spring-security-oauth/tree/master/samples/oauth2/sparklr) so that I have the next class:

@Configuration
@EnableWebSecurity
public class OAuth2ServerConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private TokenStore tokenStore;

    private static DataSource dataSource;
    @Autowired
    private void setDataSource(DataSource dataSourcee) {
        dataSource = dataSourcee;
    }

//... SOME MORE CODE ...

@Configuration
@Order(1)
protected static class AuthorizationServerConfiguration extends
        OAuth2AuthorizationServerConfigurerAdapter {

    private TokenStore tokenStore = new JdbcTokenStore(dataSource);

The rest of the code is almost the same as in Sparklr2