There is a spring-web (security) app.
Here is the configuration:

    security:
      oauth2:
        client:
          registration:
            *auth:
              provider: *auth
              client-name: Login with the Identity Server
              client-id: ${app.auth-client.client-id}
              client-secret: ${app.auth-client.client-secret}
              authorization-grant-type: authorization_code
              redirect-uri: ?????
          provider:
            *auth:
              token-uri: ${app.auth-client.server-url}/${app.auth-client.realm}/${app.auth-client.server-url-postfix}/token
              authorization-uri: ${app.auth-client.server-url}/${app.auth-client.realm}/${app.auth-client.server-url-postfix}/auth
              user-info-uri: ${app.auth-client.server-url}/${app.auth-client.realm}/${app.auth-client.server-url-postfix}/userinfo
              jwk-set-uri: ${app.auth-client.server-url}/${app.auth-client.realm}/${app.auth-client.server-url-postfix}/certs

The main question is how to resolve the redirect URI for the UI. There are 2 applications: back (Spring) and front (Angular).
It works with redirect-uri: {baseUrl}/login/oauth2/code/{registrationId}
But it works only with the REST API and the back-end application.
In fact, I want to open a UI page - if the user isn't authenticated - redirect to the auth server using the back. After login - redirect back (redirect-ui ???) to the UI page with credentials.
Classical way. But it doesn't work with a separate UI. For tests I use Keycloak.
There is a trick:

    public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
        ...
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http
                ...
                .oauth2Login()
                    // after a successful login, send the browser to the UI page
                    .successHandler((request, response, authentication) ->
                        response.sendRedirect(clientProperties.getRedirectUriSuccess()));
        }
    }

You need to define a redirect URI to the UI after successful auth. It isn't the same redirect-uri as in the SSO configuration.
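
An added example, not part of the original post: the success-handler trick written as a class that fixes the UI landing URL at startup and rejects a value that is not an absolute http(s) URL or that points at the back end's `/login/oauth2/code/` callback. The class name `UiRedirectSuccessHandler` is hypothetical, and Spring Security 5.x with `javax.servlet` is assumed (matching the `WebSecurityConfigurerAdapter` used above).

```java
import java.io.IOException;
import java.net.URI;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

/**
 * Added example (hypothetical class): sends the browser to the UI after the
 * OAuth2 login completes. The target is fixed at startup from configuration
 * and is never read from the request.
 */
public class UiRedirectSuccessHandler implements AuthenticationSuccessHandler {

    private final String uiSuccessUrl;

    // uiSuccessUrl is assumed to come from a property such as the post's
    // clientProperties.getRedirectUriSuccess(); "http://localhost:4200/home"
    // would be a constructed sample value.
    public UiRedirectSuccessHandler(String uiSuccessUrl) {
        URI uri = URI.create(uiSuccessUrl); // throws IllegalArgumentException on bad syntax
        String scheme = uri.getScheme();
        boolean httpScheme = "http".equalsIgnoreCase(scheme) || "https".equalsIgnoreCase(scheme);
        if (!httpScheme || uri.getHost() == null || uri.getUserInfo() != null) {
            throw new IllegalArgumentException(
                    "UI redirect must be an absolute http(s) URL: " + uiSuccessUrl);
        }
        // This is the post-login landing page, not the OAuth2 callback that
        // the back end handles at {baseUrl}/login/oauth2/code/{registrationId}.
        if (uri.getPath() != null && uri.getPath().contains("/login/oauth2/code/")) {
            throw new IllegalArgumentException(
                    "UI redirect must not point at the OAuth2 callback path");
        }
        this.uiSuccessUrl = uri.toString();
    }

    @Override
    public void onAuthenticationSuccess(HttpServletRequest request,
                                        HttpServletResponse response,
                                        Authentication authentication) throws IOException {
        // No token or user data is appended to the URL.
        response.sendRedirect(uiSuccessUrl);
    }
}
```

It plugs into the configuration above as `.oauth2Login().successHandler(new UiRedirectSuccessHandler(clientProperties.getRedirectUriSuccess()))`.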