Jhipster 6.0.0-beta.0 - 405 Method Not Allowed on /oauth/token endpoint

0
votes

I am using a gateway with uaa. The only change i have done in gateway is ".csrf().disable()"

When i try to get a token using the following command. I get a 405 error.

Command: curl -X POST -v http://localhost:8181/oauth/token -i -H "Accept: application/json" -H "Authorization: Basic aW50ZXJuYWw6aW50ZXJuYWw=" -d "grant_type=client_credentials&scope=web-app"

Error: {"type":"https://www.jhipster.tech/problem/problem-with-message","title":"Method Not Allowed","status":405,"detail":"Request method 'POST' not supported","path":"/oauth/token","message":"error.http.405"}%

It am able to get the token when I open the port for uaa and run the command.

curl -X POST -v http://localhost:9999/oauth/token -i -H "Accept: application/json" -H "Authorization: Basic aW50ZXJuYWw6aW50ZXJuYWw=" -d "grant_type=client_credentials&scope=web-app"

1
jhipster

1 Answers

2
votes

First of all, I would not recommend disabling CSRF protection unless you are absolutely sure you need to.

Your first CURL request is sent to the gateway. The endpoint exists on the UAA, not the gateway, which explains why your second CURL request works instead. To request it through the gateway, you can use the correct URL which proxies the request to the UAA service:

http://localhost:8080/services/uaa/oauth/token

Requests to /services/uaa/ are routed to the uaa service.

The UAA Gateway also has an auth endpoint which is used by the Angular/React clients to generate a cookie:

curl 'http://localhost:8080/auth/login' -H 'Content-Type: application/json' --data-binary '{"username":"admin","password":"admin","rememberMe":true}' --compressed