I am trying to configure my Spring Boot app to use OAuth2 with Azure Active Directory. However, Spring Boot either isn't picking up the application.yml file or my file isn't configured correctly, but I can't seem to find what is configured wrong.
The root error I am getting is:
Caused by: org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type 'org.springframework.security.oauth2.client.registration.ClientRegistrationRepository' available
But if I include a bean in my config file with a similar setup, the Tomcat server is able to start up successfully, but is pointing to the wrong endpoint (/oauth2/authorization/azure vs the expected /login/oauth2/code/).
I'm using Spring version 5.3.20, Spring Boot version 2.7.10, and Spring Security 5.6.9.Final.
application.yml:
azure:
  activedirectory:
    client-id: {CLIENT ID}
    client-secret: {CLIENT SECRET}
    tenant-id: {TENANT ID}
    authorization-clients:
      facility-inventory:
        scopes: openid, profile, user, offline_access
        authorization-grant-type: client_credentials
spring:
  security:
    oauth2:
      client:
        provider:
          azure-active-directory:
            issuer-uri: https://login.microsoftonline.com/{ORG}/oauth2/v2.0
        registration:
          azure:
            provider: azure-active-directory
            client-id: {CLIENT ID}
            client-secret: {CLIENT SECRET}
            scope: openid, profile, user, offline_access
            authorization-uri: /login/oauth2/authorize/
            redirect-uri: /login/oauth2/code/
            authorization-grant-type: client_credentials
            pre-established-redirect-uri: {Base URL}/login/oauth2/code/
            registered-redirect-uri: {Base URL}/login/oauth2/code/
            use-current-uri: false
Java custom ClientRegistration definition:
@Bean
public ClientRegistrationRepository clientRegistrationRepository() {
    return new InMemoryClientRegistrationRepository(
        ClientRegistration
            .withRegistrationId("azure")
            .clientId("{CLIENT ID}")
            .clientSecret("CLIENT SECRET")
            .clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
            .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
            .redirectUri("/login/oauth2/code/*")
            .scope("openid", "profile", "email", "address", "phone")
            .authorizationUri("https://login.microsoftonline.com/{ORG}/oauth2/v2.0")
            .tokenUri("https://login.microsoftonline.com/{ORG}/oauth2/v2.0/token")
            .userNameAttributeName(IdTokenClaimNames.SUB)
            .clientName("Valuations-Mgmt-Tool_qa_ac_client")
            .build()
    );
}
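
For comparison with the application.yml in the question, an added example (not the poster's file) of a registration that uses only keys Spring Boot 2.7 binds under `spring.security.oauth2.client`. It assumes an interactive login (authorization code flow), that `spring-boot-starter-oauth2-client` is on the classpath, and a hypothetical `AZURE_CLIENT_SECRET` environment variable.

```yaml
# Added example. Placeholder values are quoted because YAML parses an
# unquoted {...} as a flow mapping rather than a string.
spring:
  security:
    oauth2:
      client:
        provider:
          azure-active-directory:
            # Azure AD v2.0 issuer. The authorization, token and JWK set
            # endpoints are resolved from its OpenID Connect discovery
            # document, so authorization-uri/token-uri are not set by hand.
            # If they are set explicitly, they belong here under provider,
            # not under registration.
            issuer-uri: "https://login.microsoftonline.com/{TENANT ID}/v2.0"
        registration:
          azure:                                  # this key is the registrationId
            provider: azure-active-directory
            client-id: "{CLIENT ID}"
            # Keep the secret out of the file; AZURE_CLIENT_SECRET is a
            # hypothetical variable name chosen for this example.
            client-secret: ${AZURE_CLIENT_SECRET}
            # authorization_code is the browser login flow. client_credentials
            # is service-to-service and involves no redirect at all.
            authorization-grant-type: authorization_code
            # Full template; {baseUrl} and {registrationId} are expanded by
            # Spring Security at request time. The resulting URL must match a
            # redirect URI registered for the app in Azure AD exactly.
            redirect-uri: "{baseUrl}/login/oauth2/code/{registrationId}"
            scope: openid, profile, offline_access
            # pre-established-redirect-uri, registered-redirect-uri and
            # use-current-uri are not registration properties in Boot 2.7.
```

In Spring Security's defaults, `/oauth2/authorization/{registrationId}` is the path that starts the redirect to the provider, and `/login/oauth2/code/{registrationId}` is the path the provider redirects back to with the authorization code.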