Can anyone help here? Do i need any special settings in postman?
Hi @k-auth0,
Unfortunately, I’m not familiar with Spring at all, but I will try to help! Are you testing your API in Postman using the Access Token you receive after logging into the Angular app as the Bearer token in the Authorization header? Have you tried logging the token you are receiving in the API to see the entire token and decoding it at https://jwt.io/?
To clarify, In above scenario - Angular is out of scope. Postman is invoking endpoint, and Spring is scanning the token and printing all properties - claims, scopes permissions…
may be I have to use the below
1 Like
I think the tutorial would be a great example to follow! You can also check out the Spring quickstart if your haven’t already: Auth0 Java Spring Boot SDK Quickstarts: Login
Still Nightmares
Once there was this object - AuthenticationJsonWebToken
May be it is now - @AuthenticationPrincipal OidcUser principal
The example doesn’t give enough logs to understand. I would be nice to write small example, which I think is part of unit testing, as Spring users is one huge community. Lots of ellipses in the example {…}
@DeleteMapping(“/{id}”)
@PreAuthorize(“hasAuthority(‘delete:items’)”) //
New line
public ResponseEntity delete(@PathVariable(“id”) Long id) {…}@ExceptionHandler(MethodArgumentNotValidException.class) public ResponseEntity<Map<String, String>> handleValidationExceptions( MethodArgumentNotValidException ex) {...}
Too much forcing like -@EnableGlobalMethodSecurity(prePostEnabled = true) and endpoints @PreAuthorize(“hasAuthority(‘create:items’)”) is unwanted
Can anyone tell me - how can I print the claims using the above example.
Ok. Sorted
In an endpoint signature, we can add this default bean - JwtAuthenticationToken authentication
@GetMapping()
public String getSomething(final JwtAuthenticationToken authentication) {
authentication.getTokenAttributes().entrySet().stream().forEach(e → System.out.println(e.getKey()+": "+ e.getValue().toString()));
}
I have to now figure out, the minimal code needed for the functionality
https://auth0.com/blog/spring-boot-authorization-tutorial-secure-an-api-java/#
1 Like
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.