Springframework “A redirect is required to get the users approval”

Question

i have a problem with my spring web-app. I want to access the google (calendar) api with the webapp and thus i have to authenticate myself to the api and grant access to the calendar.

But the actual problem is that i got the error org.springframework.security.oauth2.client.resource.UserRedirectRequiredException: A redirect is required to get the users approval

web.xml

<context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>/WEB-INF/spring/root-context.xml, /WEB-INF/spring-security.xml</param-value>
    </context-param>
    <servlet>
        <servlet-name>appServlet</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <init-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>/WEB-INF/spring/appServlet/servlet-context.xml, /WEB-INF/spring-security.xml</param-value>
        </init-param>
        <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet-mapping>
        <servlet-name>appServlet</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>

spring-security.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:context="http://www.springframework.org/schema/context"
    xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
    xsi:schemaLocation="http://www.springframework.org/schema/beans 
        http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
        http://www.springframework.org/schema/security 
        http://www.springframework.org/schema/security/spring-security-3.1.xsd
        http://www.springframework.org/schema/context
        http://www.springframework.org/schema/context/spring-context-3.1.xsd
        http://www.springframework.org/schema/security/oauth2 
        http://www.springframework.org/schema/security/spring-security-oauth2-1.0.xsd">

    <oauth:client id="oauth2AuthenticationClientFilter" />

    <oauth:resource id="oauth-resource"
        client-authentication-scheme="form" type="authorization_code"
        access-token-uri="https://accounts.google.com/o/oauth2/token"
        user-authorization-uri="https://accounts.google.com/o/oauth2/auth"
        client-id="CLIENT-ID"
        client-secret="CLIENT-SECRET" scope="https://www.googleapis.com/auth/calendar"
        pre-established-redirect-uri="http://localhost:8080/" />

    <oauth:rest-template id="oauth-rest-template"
        resource="oauth-resource" />
</beans:beans>

Controller

    @Autowired
@Qualifier("oauth-rest-template")
private OAuth2RestTemplate oauth2RestTemplate;


/**
 * Simply selects the home view to render by returning its name.
 * @throws Exception 
 */
@RequestMapping(value = "/test", method = RequestMethod.GET)
public String home(Locale locale, Model model) throws Exception {


    String dataUri = "https://www.googleapis.com/calendar/v3/calendars/sebastian.heckmann%40googlemail.com";

    Calendar result = oauth2RestTemplate.getForObject(dataUri, Calendar.class);

// ... 

return "home";
}

If you need more code, please let me know. I am new to Spring (Security)

Answer 1

I believe you are using Spring Security and must have defined DelegatingFilterProxy filter in your web.xml.

Your code snippet doesn't descrive the security configuration, you need to do following to get it working:-

1. Inside your < sec:http> tag, define the custom filter:-

   < security:custom-filter ref="oauth2AuthenticationClientFilter" after="EXCEPTION_TRANSLATION_FILTER" />

2. Add listner to web.xml

   org.springframework.web.context.request.RequestContextListener