Oauth2 Client_Credentials Grant: java.lang.IllegalArgumentException: serverWebExchange cannot be null

[juliuskrah]

Summary

I recently upgraded to Spring Security 5.2.0.RC1 because Webclient is not 'renewing' tokens for Oauth2 Client_credentials grant type.

I have the folling configuration

spring:
  security:
    oauth2:
      client:
        registration:
          keycloak:
            client-id: <id>
            client-secret: <pass>
            authorization-grant-type: client_credentials
        provider:
          keycloak:
            issuer-uri: http://localhost/auth/realms/<realm-name>

@Bean
fun webClient(clientRegistrations: ReactiveClientRegistrationRepository,
                  authorizedClients: ServerOAuth2AuthorizedClientRepository): WebClient {
    val oauth = ServerOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrations,
                UnAuthenticatedServerOAuth2AuthorizedClientRepository())
    // val oauth = ServerOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrations, authorizedClients)
    return WebClient.builder()
                .filter(oauth)
                .build()
}

and finally, I'm calling Webclient

webClient.post()
                .uri {
                    it.scheme("http")
                            .host("localhost")
                            .port(5000)
                            .path("/path")
                            .path("/{id}")
                            .build(id)
                }
                .contentType(MediaType.APPLICATION_JSON)
                .attributes(clientRegistrationId("keycloak"))
                .body(BodyInserters.fromObject(payload))
                .exchange()
                .subscribe { log.debug("Success with HTTP Status {}", it.statusCode()) }

Actual Behavior

I get an exception

org.springframework.kafka.listener.ListenerExecutionFailedException: Listener method 'public void com.example.Main.method(com.example.Example)' threw exception; nested exception is reactor.core.Exceptions$ErrorCallbackNotImplemented: java.lang.IllegalArgumentException: serverWebExchange cannot be null; nested exception
is reactor.core.Exceptions$ErrorCallbackNotImplemented: java.lang.IllegalArgumentException: serverWebExchange cannot be null
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.decorateException(KafkaMessageListenerContainer.java:1327) ~[spring-kafka-2.2.8.RELEASE.jar:2
.2.8.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.invokeErrorHandler(KafkaMessageListenerContainer.java:1316) ~[spring-kafka-2.2.8.RELEASE.jar:
2.2.8.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.doInvokeRecordListener(KafkaMessageListenerContainer.java:1232) ~[spring-kafka-2.2.8.RELEASE.
jar:2.2.8.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.doInvokeWithRecords(KafkaMessageListenerContainer.java:1203) ~[spring-kafka-2.2.8.RELEASE.jar
:2.2.8.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.invokeRecordListener(KafkaMessageListenerContainer.java:1123) ~[spring-kafka-2.2.8.RELEASE.ja
r:2.2.8.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.invokeListener(KafkaMessageListenerContainer.java:938) ~[spring-kafka-2.2.8.RELEASE.jar:2.2.8
.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.pollAndInvoke(KafkaMessageListenerContainer.java:751) ~[spring-kafka-2.2.8.RELEASE.jar:2.2.8.
RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.run(KafkaMessageListenerContainer.java:700) ~[spring-kafka-2.2.8.RELEASE.jar:2.2.8.RELEASE]
        at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515) ~[na:na]
        at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) ~[na:na]
        at java.base/java.lang.Thread.run(Thread.java:834) ~[na:na]
Caused by: reactor.core.Exceptions$ErrorCallbackNotImplemented: java.lang.IllegalArgumentException: serverWebExchange cannot be null
Caused by: java.lang.IllegalArgumentException: serverWebExchange cannot be null
        at org.springframework.util.Assert.notNull(Assert.java:198) ~[spring-core-5.1.9.RELEASE.jar:5.1.9.RELEASE]
        at org.springframework.security.oauth2.client.web.DefaultReactiveOAuth2AuthorizedClientManager.authorize(DefaultReactiveOAuth2AuthorizedClientManager.java:75) ~[spring-security-o
auth2-client-5.2.0.RC1.jar:5.2.0.RC1]
        at reactor.core.publisher.MonoFlatMap$FlatMapMain.onNext(MonoFlatMap.java:118) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onNext(FluxOnAssembly.java:345) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxMapFuseable$MapFuseableSubscriber.onNext(FluxMapFuseable.java:121) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onNext(FluxOnAssembly.java:345) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Operators$MonoSubscriber.complete(Operators.java:1515) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoZip$ZipCoordinator.signal(MonoZip.java:247) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoZip$ZipInner.onNext(MonoZip.java:329) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onNext(FluxOnAssembly.java:345) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Operators$MonoSubscriber.complete(Operators.java:1515) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxDefaultIfEmpty$DefaultIfEmptySubscriber.onComplete(FluxDefaultIfEmpty.java:100) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onComplete(FluxOnAssembly.java:355) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxMapFuseable$MapFuseableSubscriber.onComplete(FluxMapFuseable.java:144) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onComplete(FluxOnAssembly.java:355) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxSwitchIfEmpty$SwitchIfEmptySubscriber.onComplete(FluxSwitchIfEmpty.java:78) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onComplete(FluxOnAssembly.java:355) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxMapFuseable$MapFuseableSubscriber.onComplete(FluxMapFuseable.java:144) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onComplete(FluxOnAssembly.java:355) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxFilterFuseable$FilterFuseableSubscriber.onComplete(FluxFilterFuseable.java:166) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onComplete(FluxOnAssembly.java:355) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Operators$ScalarSubscription.request(Operators.java:2073) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.request(FluxOnAssembly.java:442) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxFilterFuseable$FilterFuseableSubscriber.request(FluxFilterFuseable.java:185) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.request(FluxOnAssembly.java:442) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxMapFuseable$MapFuseableSubscriber.request(FluxMapFuseable.java:162) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.request(FluxOnAssembly.java:442) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Operators$MultiSubscriptionSubscriber.set(Operators.java:1879) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Operators$MultiSubscriptionSubscriber.onSubscribe(Operators.java:1753) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onSubscribe(FluxOnAssembly.java:426) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxMapFuseable$MapFuseableSubscriber.onSubscribe(FluxMapFuseable.java:90) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onSubscribe(FluxOnAssembly.java:426) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxFilterFuseable$FilterFuseableSubscriber.onSubscribe(FluxFilterFuseable.java:82) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onSubscribe(FluxOnAssembly.java:426) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoCurrentContext.subscribe(MonoCurrentContext.java:35) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:56) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoFilterFuseable.subscribe(MonoFilterFuseable.java:47) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoMapFuseable.subscribe(MonoMapFuseable.java:59) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Mono.subscribe(Mono.java:3858) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxSwitchIfEmpty$SwitchIfEmptySubscriber.onComplete(FluxSwitchIfEmpty.java:75) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Operators.complete(Operators.java:131) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoEmpty.subscribe(MonoEmpty.java:45) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoSwitchIfEmpty.subscribe(MonoSwitchIfEmpty.java:44) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoMapFuseable.subscribe(MonoMapFuseable.java:59) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoDefaultIfEmpty.subscribe(MonoDefaultIfEmpty.java:37) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Mono.subscribe(Mono.java:3858) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoZip.subscribe(MonoZip.java:128) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoMapFuseable.subscribe(MonoMapFuseable.java:59) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoFlatMap.subscribe(MonoFlatMap.java:60) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoDefer.subscribe(MonoDefer.java:52) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Mono.subscribe(Mono.java:3858) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxSwitchIfEmpty$SwitchIfEmptySubscriber.onComplete(FluxSwitchIfEmpty.java:75) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Operators.complete(Operators.java:131) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoEmpty.subscribe(MonoEmpty.java:45) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoSwitchIfEmpty.subscribe(MonoSwitchIfEmpty.java:44) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoFlatMap.subscribe(MonoFlatMap.java:60) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoMapFuseable.subscribe(MonoMapFuseable.java:59) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoFlatMap.subscribe(MonoFlatMap.java:60) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoSwitchIfEmpty.subscribe(MonoSwitchIfEmpty.java:44) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoSwitchIfEmpty.subscribe(MonoSwitchIfEmpty.java:44) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoFlatMap.subscribe(MonoFlatMap.java:60) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Mono.subscribe(Mono.java:3858) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Mono.subscribeWith(Mono.java:3964) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Mono.subscribe(Mono.java:3852) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Mono.subscribe(Mono.java:3819) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Mono.subscribe(Mono.java:3766) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at com.stlghana.support.service.EmailService.processIncident(EmailService.kt:53) ~[main/:na]
        at jdk.internal.reflect.GeneratedMethodAccessor33.invoke(Unknown Source) ~[na:na]
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:na]
        at java.base/java.lang.reflect.Method.invoke(Method.java:566) ~[na:na]
        at org.springframework.messaging.handler.invocation.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:171) ~[spring-messaging-5.1.9.RELEASE.jar:5.1.9.RELEASE]
        at org.springframework.messaging.handler.invocation.InvocableHandlerMethod.invoke(InvocableHandlerMethod.java:120) ~[spring-messaging-5.1.9.RELEASE.jar:5.1.9.RELEASE]
        at org.springframework.kafka.listener.adapter.HandlerAdapter.invoke(HandlerAdapter.java:48) ~[spring-kafka-2.2.8.RELEASE.jar:2.2.8.RELEASE]
        at org.springframework.kafka.listener.adapter.MessagingMessageListenerAdapter.invokeHandler(MessagingMessageListenerAdapter.java:283) ~[spring-kafka-2.2.8.RELEASE.jar:2.2.8.RELEA
SE]
        at org.springframework.kafka.listener.adapter.RecordMessagingMessageListenerAdapter.onMessage(RecordMessagingMessageListenerAdapter.java:79) ~[spring-kafka-2.2.8.RELEASE.jar:2.2.
8.RELEASE]
        at org.springframework.kafka.listener.adapter.RecordMessagingMessageListenerAdapter.onMessage(RecordMessagingMessageListenerAdapter.java:50) ~[spring-kafka-2.2.8.RELEASE.jar:2.2.
8.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.doInvokeOnMessage(KafkaMessageListenerContainer.java:1278) ~[spring-kafka-2.2.8.RELEASE.jar:2
.2.8.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.invokeOnMessage(KafkaMessageListenerContainer.java:1261) ~[spring-kafka-2.2.8.RELEASE.jar:2.2
.8.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.doInvokeRecordListener(KafkaMessageListenerContainer.java:1222) ~[spring-kafka-2.2.8.RELEASE.
jar:2.2.8.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.doInvokeWithRecords(KafkaMessageListenerContainer.java:1203) ~[spring-kafka-2.2.8.RELEASE.jar
:2.2.8.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.invokeRecordListener(KafkaMessageListenerContainer.java:1123) ~[spring-kafka-2.2.8.RELEASE.ja
r:2.2.8.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.invokeListener(KafkaMessageListenerContainer.java:938) ~[spring-kafka-2.2.8.RELEASE.jar:2.2.8
.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.pollAndInvoke(KafkaMessageListenerContainer.java:751) ~[spring-kafka-2.2.8.RELEASE.jar:2.2.8.
RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.run(KafkaMessageListenerContainer.java:700) ~[spring-kafka-2.2.8.RELEASE.jar:2.2.8.RELEASE]
        at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515) ~[na:na]
        at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) ~[na:na]
        at java.base/java.lang.Thread.run(Thread.java:834) ~[na:na]
        Suppressed: reactor.core.publisher.FluxOnAssembly$OnAssemblyException:
Assembly trace from producer [reactor.core.publisher.MonoFlatMap] :
        reactor.core.publisher.Mono.flatMap(Mono.java:2537)
        org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction.lambda$authorizedClient$7(ServerOAuth2AuthorizedClientE
xchangeFilterFunction.java:310)
Error has been observed by the following operator(s):
        |_      Mono.flatMap ? org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction.lambda$authorizedClient$7(Server
OAuth2AuthorizedClientExchangeFilterFunction.java:310)
        |_      Mono.defer ? org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction.authorizedClient(ServerOAuth2Autho
rizedClientExchangeFilterFunction.java:309)
        |_      Mono.switchIfEmpty ? org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction.authorizedClient(ServerOAu
th2AuthorizedClientExchangeFilterFunction.java:309)
        |_      Mono.flatMap ? org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction.authorizedClient(ServerOAuth2Aut
horizedClientExchangeFilterFunction.java:311)
        |_      Mono.map ? org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction.filter(ServerOAuth2AuthorizedClientE
xchangeFilterFunction.java:301)
        |_      Mono.flatMap ? org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction.filter(ServerOAuth2AuthorizedCli
entExchangeFilterFunction.java:302)
        |_      Mono.switchIfEmpty ? org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction.filter(ServerOAuth2Authori
zedClientExchangeFilterFunction.java:303)
        |_      Mono.switchIfEmpty ? org.springframework.web.reactive.function.client.DefaultWebClient$DefaultRequestBodyUriSpec.exchange(DefaultWebClient.java:320)
        |_      Mono.flatMap ? org.springframework.web.reactive.function.client.DefaultWebClient$DefaultResponseSpec.bodyToMono(DefaultWebClient.java:444)

PS: The stacktrace above has some Kafka bits in there.

Expected Behavior

I expect webclient to make the request using the access token. It works fine with Spring Security 5.1.6.RELEASE, the only issue, it does not renew the token after it is expired

Configuration

spring:
  security:
    oauth2:
      client:
        registration:
          keycloak:
            client-id: <id>
            client-secret: <pass>
            authorization-grant-type: client_credentials
        provider:
          keycloak:
            issuer-uri: http://localhost/auth/realms/<realm-name>

@Bean
fun webClient(clientRegistrations: ReactiveClientRegistrationRepository,
                  authorizedClients: ServerOAuth2AuthorizedClientRepository): WebClient {
    val oauth = ServerOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrations,
                UnAuthenticatedServerOAuth2AuthorizedClientRepository())
    // val oauth = ServerOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrations, authorizedClients)
    return WebClient.builder()
                .filter(oauth)
                .build()
}

Version

Spring Boot: 2.1.8.RELEASE
Spring Security: 5.2.0.RC1

Sample

No Sample

[jgrandja]

@juliuskrah Can you please put together a minimal sample that reproduces the issue. I'll be able to effectively troubleshoot the issue at that point.

[jgrandja]

@juliuskrah I just realized what the issue is. In the 5.2.0.RC1 release, DefaultReactiveOAuth2AuthorizedClientManager required ServerWebExchange as one of the inputs. See here.

This has been resolved via #7390 which will be coming in the 5.2.0 GA release this coming Monday.

I'm going to close this issue but we can re-open if you're still having issues with the 5.2.0 GA release.

[juliuskrah]

@jgrandja Once 5.2.0 is GA, I will give my feedback. Thanks a lot

[abhi2495]

@juliuskrah
You can use the following code : Spring WebFlux Security- Client config - OAuth2.0 Client Credentials Flow