jgrandja/oauth2-protocol-patterns

oauth2Authentication is null

wiliao opened this issue · 1 comments

Hi Joe,

I changed the "auth-server" to "localhost" in all projects. I tried to access localhost:8080 and it showed a login page at http://localhost:9000. I typed in user1/password and got a 500 internal error. I checked the log, and it was caused by "oauth2Authentication is null".

```java
@Bean
ProviderSettings providerSettings() {
    return new ProviderSettings().issuer("http://localhost:9000");
}
```

```java
@ModelAttribute("authorizedClientRegistrations")
List authorizedClientRegistrations(OAuth2AuthenticationToken oauth2Authentication) {
    if (this.clientRegistrationRepository == null) {
        return Collections.emptyList();
    }
    // ... (remainder of the method is not shown in the post)
}
```

If I add the entry `127.0.0.1 auth-server` to the hosts file and keep using "auth-server", it works.

What is the difference between http://auth-server:9000 and http://localhost:9000 in this case?

Warm regards,
William

@wiliao

> What is the difference between http://auth-server:9000 and http://localhost:9000 in this case?

If the client and authorization server are running within the same host (localhost), then the session cookie will be overwritten - the auth server cookie will overwrite the client cookie on the authorization server response redirect.

I documented this in the README:

> IMPORTANT: Make sure to modify your `/etc/hosts` file to avoid problems with session cookie overwrites between `ui-app` and `auth-server`. Simply add the entry `127.0.0.1 auth-server`
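
The overwrite described in the reply above can be reproduced with a small model of a browser cookie jar. This is an added example, not part of the thread or the project's code. It assumes both applications use the servlet default session cookie name `JSESSIONID` with path `/`, and it simplifies cookie matching to an exact host and path; `CookieJar` and `simulateLogin` are hypothetical names.

```javascript
// Simplified browser cookie jar. Per RFC 6265, a cookie is identified by
// name, domain and path; the port is NOT part of the key.
class CookieJar {
  constructor() {
    this.store = new Map();
  }

  static key(url, name, path) {
    // hostname drops the port, which is exactly how browsers scope cookies
    return `${new URL(url).hostname}|${path}|${name}`;
  }

  // Record a Set-Cookie header received in a response from `url`.
  set(url, name, value, path = "/") {
    this.store.set(CookieJar.key(url, name, path), value);
  }

  // Value the browser would send back on a request to `url`.
  get(url, name, path = "/") {
    return this.store.get(CookieJar.key(url, name, path));
  }
}

// Replays the login flow from the issue: client on :8080, auth server on :9000.
// Session cookie name and values are constructed for this example.
function simulateLogin(clientUrl, authServerUrl) {
  const jar = new CookieJar();

  // 1. The client creates a session that holds the pending authorization request.
  jar.set(clientUrl, "JSESSIONID", "client-session");

  // 2. The browser is redirected to the auth server login page,
  //    and the auth server creates a session of its own.
  jar.set(authServerUrl, "JSESSIONID", "auth-server-session");

  // 3. After login the browser is redirected back to the client.
  //    This is the session id it presents there.
  const sent = jar.get(clientUrl, "JSESSIONID");
  return { sent, clientSessionSurvived: sent === "client-session" };
}

// Same host, different ports: the auth server cookie replaces the client's.
console.log(simulateLogin("http://localhost:8080", "http://localhost:9000"));
// Distinct host names (the /etc/hosts entry): each app keeps its own cookie.
console.log(simulateLogin("http://localhost:8080", "http://auth-server:9000"));
```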