Problem with OAuth2 and Spring Clound Dataflow/Skipper

[onobc]

Here's the context of my task that I'm not able to achieve : We have a component (an app) that is deployed to Spring Cloud Dataflow and is then used by streams that we define. Everythings works great until the point where I'm supposed to add some security. What we want is to be able to switch different security modes (Keycloak, custom roles defined by our own security application and no security). We decided to have a parameter in the config file to enable the type of the security we wanted.

To do so, we activate our SecurityFilterChain bean according to the value specified in the config file (via @conditional) and it works fine when I run the app locally.

The problem comes when I deploy my app to Dataflow and then create a stream. I always have a log saying that there are missing OAuth2 properties so it skips the auth interceptor configuration (which is kinda problematic) and whatever the security mode I chose.

Is it because I have some OAuth2 dependencies in my pom.xml ? Then why does it work on my machine but not on Dataflow ? Does Skipper/Dataflow pass some properties thinking OAuth2 is configured while it's not ?

I know it's a hard question without knowing our infrastructure but I'm throwing a bottle into the ocean.

FYI : Spring boot 3.3.5, Spring Security 6.2 and Skipper 2.7. something (I think we tried both .5 & .11)

Taken from SO question

[onobc]

So the current SCDF version is 2.11.1 and the java version is 17, for both SCDF and our stream apps. Hope it helps –
Jani

Hi Jani,
So first thing we recommend is to update to the latest 2.11.x (which is 2.11.5) as there are quite a few bug fixes between 2.11.1 and 2.11.5.

After that please provide a small repro case so that we can investigate.

Thank you