Merge pull request Baeldung#242 from MajewskiKrzysztof/bug/BAEL-4926

BAEL-4926 Improve the Auth Server Article

Author: lor6

oauth-authorization-server/client-server/src/main/java/com/baeldung/web/ArticlesController.java

@@ -1,5 +1,6 @@
 package com.baeldung.web;
 
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
 import org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -11,6 +12,7 @@
 @RestController
 public class ArticlesController {
 
+    @Autowired
     private WebClient webClient;
 
     @GetMapping(value = "/articles")

oauth-authorization-server/resource-server/src/main/java/com/baeldung/config/ResourceServerConfig.java

@@ -13,7 +13,7 @@ SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
         http.mvcMatcher("/articles/**")
           .authorizeRequests()
           .mvcMatchers("/articles/**")
-          .access("hasAuthority('SCOPE_article.read')")
+          .access("hasAuthority('SCOPE_articles.read')")
           .and()
           .oauth2ResourceServer()
           .jwt();

oauth-authorization-server/spring-authorization-server/src/main/java/com/baeldung/config/AuthorizationServerConfig.java

@@ -10,6 +10,7 @@
 import org.springframework.security.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration;
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
 import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
+import org.springframework.security.oauth2.core.oidc.OidcScopes;
 import org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository;
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
@@ -28,12 +29,16 @@ public class AuthorizationServerConfig {
     @Bean
     public RegisteredClientRepository registeredClientRepository() {
         RegisteredClient registeredClient = RegisteredClient.withId(UUID.randomUUID().toString())
-          .clientId("article-client").clientSecret("secret")
+          .clientId("articles-client")
+          .clientSecret("secret")
           .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
           .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
           .authorizationGrantType(AuthorizationGrantType.REFRESH_TOKEN)
           .redirectUri("http://localhost:8080/login/oauth2/code/articles-client-oidc")
-          .scope("articles.read").build();
+          .redirectUri("http://localhost:8080/authorized")
+          .scope(OidcScopes.OPENID)
+          .scope("articles.read")
+          .build();
         return new InMemoryRegisteredClientRepository(registeredClient);
     }