ARTICLE AD BOX
I'm using Oauth2 resource server because the request will come from the FrontEnd, I never saw this error before and I try to debbug but it dont work. At first I thought It was coming from cors but it wasn't, after a while I tried to make the request through Postman but still not working. I'm using Jose for decoding and verify the token.
The error
java.lang.IncompatibleClassChangeError: Class org.springframework.http.HttpHeaders does not implement the requested interface org.springframework.util.MultiValueMap at org.springframework.http.HttpHeaders.isEmpty(HttpHeaders.java:1897) ~[spring-web-7.0.3.jar:7.0.3] at org.springframework.web.client.RestTemplate$HttpEntityRequestCallback.doWithRequest(RestTemplate.java:947) ~[spring-web-7.0.3.jar:7.0.3] at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:752) ~[spring-web-7.0.3.jar:7.0.3] at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:619) ~[spring-web-7.0.3.jar:7.0.3] at org.springframework.security.oauth2.jwt.NimbusJwtDecoder$JwkSetUriJwtDecoderBuilder$SpringJWKSource.fetchJwks(NimbusJwtDecoder.java:501) ~[spring-security-oauth2-jose-6.5.5.jar:6.5.5] at org.springframework.cache.support.NoOpCache.get(NoOpCache.java:76) ~[spring-context-7.0.3.jar:7.0.3] at org.springframework.security.oauth2.jwt.NimbusJwtDecoder$JwkSetUriJwtDecoderBuilder$SpringJWKSource.getJWKSet(NimbusJwtDecoder.java:515) ~[spring-security-oauth2-jose-6.5.5.jar:6.5.5] at com.nimbusds.jose.jwk.source.CachingJWKSetSource.loadJWKSetNotThreadSafe(CachingJWKSetSource.java:330) ~[nimbus-jose-jwt-9.37.4.jar:9.37.4]application yaml
spring: security: oauth2: resourceserver: jwt: issuer-uri: http://localhost:8080/realms/master jwk-set-uri: http://localhost:8080/realms/master/protocol/openid-connect/certssecurityChain
@Configuration @EnableWebSecurity public class SecurityConfig { @Bean public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) { return httpSecurity .csrf(AbstractHttpConfigurer::disable) .cors(AbstractHttpConfigurer::disable) .authorizeHttpRequests(auth -> auth.anyRequest().authenticated()) .oauth2ResourceServer(oauth2 -> oauth2 .jwt(Customizer.withDefaults())) .build(); }Controller
@RestController @RequestMapping("/create") public class Controller { @GetMapping public String greet() { return "hello"; } }Angular api service
export class ApiService { private http = inject(HttpClient) getGreet(): Observable<string> { const headers = new HttpHeaders().set('Content-Type', 'text/plain; charset=utf-8'); return this.http.get("http://localhost:8081/create", {headers, responseType: 'text'}); } }Angular app config
export const appConfig: ApplicationConfig = { providers: [ provideBrowserGlobalErrorListeners(), provideRouter(routes), provideClientHydration(withEventReplay()), provideOAuthClient(), provideHttpClient(), provideClientHydration(), importProvidersFrom( OAuthModule.forRoot({ resourceServer: { allowedUrls: ['http://localhost:8081/create'], sendAccessToken: true } }), ) ] };Pom
<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security-oauth2-resource-server</artifactId> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-oauth2-jose</artifactId> <version>6.5.5</version> <scope>compile</scope> </dependency>