OAuth2 - Status 401 on OPTIONS request while retrieving TOKEN

Question

Our stack uses Backbone as our client-side app and Spring Boot as a RESTful API.

We\'re trying to make basic authentication using OAuth2 with user providing username

Answer 1

I can just answer your questions in theory:

So why is that an OPTIONS request from /oauth/token responses with 401 status even when it shouldn't? It won't let us authorize ourselves because it get's stuck at OPTIONS request in which we can't add authorization header.

This is because the default configuration of the AuthServer is to allow only a fully authenticated request at the token endpoint.

In your Resource server, you allow all requests to happen without authentication with this: http.authorizeRequests().anyRequest().permitAll();

I tried to solve this circumstance like mentioned here, but I couldn't get that working for me.

Just for completeness I also mention here, that you have to add a CorsFilter to add the correct Headers to the OPTIONS preflight request.

I also asked a very similar question, so maybe if mine gets answered, you are capable of solving your problem as well with these informations.