October 22, 2024
java

How to customize the well-known endpoint in Spring Authorization Server?


I’m using Spring Authorization Server v3.3.1. My current well-known endpoint is <hostname>/.well-known/openid-configuration and this returns the standard OpenId configuration.
I want to remove a couple of attributes from this standard response and change the endpoint path to <hostname>/oauth2/token/.well-known/openid-configuration.

For this I’ve duplicated the OidcProviderConfigurationEndpointFilter and made the necessary changes and registered it to the authorizationServerSecurityFilterChain.

Request Matcher in the duplicated filter is as follows:

private static RequestMatcher createRequestMatcher() {
    final RequestMatcher defaultRequestMatcher = new AntPathRequestMatcher(
        "/oauth2/token/.well-known/openid-configuration", HttpMethod.GET.name());
    return (request) -> defaultRequestMatcher.matches(request);
}

This is how I’ve added the filter to the chain:

SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {

    OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http);
    http.getConfigurer(OAuth2AuthorizationServerConfigurer.class)
            .authorizationEndpoint((authorizationEndpoint) -> authorizationEndpoint
                    .authenticationProviders(configureAuthenticationValidator()))
            .tokenEndpoint((tokenEndpoint) -> tokenEndpoint
                    .authenticationProviders(configureAuthenticationValidator())
                    .errorResponseHandler(new ErrorResponseHandler()))
            .oidc(Customizer.withDefaults());

    // Duplicated Filter
    OidcWellknownEndpointFilter oidcWellknownEndpointFilter = new OidcWellknownEndpointFilter();
    http.addFilterBefore(oidcWellknownEndpointFilter,
            AbstractPreAuthenticatedProcessingFilter.class);

    return http.build();
}

My question is, how can I direct requests coming to the /oauth2/token/.well-known/openid-configuration to the OidcWellknownEndpointFilter?

I tried to add a permitAll() for this endpoint like below:

SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {

    http.authorizeHttpRequests((authorize) -> authorize
            .requestMatchers("/oauth2/token/.well-known/openid-configuration").permitAll());
    OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http);

    http.getConfigurer.... <other code>
}

This will redirect all the requests coming to the endpoint to the login page.
Appreciate any help regarding this.
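
An added example, not part of the original post and not code from the Spring project: one way to wire the configuration described in the question, using the Spring Authorization Server 1.x configurer API. It assumes the login redirect happens because applyDefaultSecurity() restricts this chain to the built-in endpoints, so the custom path falls through to another filter chain; OidcWellknownEndpointFilter is the question's own duplicated filter (assumed to be in the same package) and "claim_to_remove" is a placeholder.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration;
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationServerConfigurer;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.OrRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;

@Configuration
public class AuthorizationServerConfig {

    // Path taken from the question.
    private static final String CUSTOM_DISCOVERY_PATH = "/oauth2/token/.well-known/openid-configuration";

    @Bean
    @Order(Ordered.HIGHEST_PRECEDENCE)
    SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {
        OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http);
        OAuth2AuthorizationServerConfigurer configurer =
                http.getConfigurer(OAuth2AuthorizationServerConfigurer.class);

        // Trim the built-in discovery document too, so the default path does not
        // keep publishing attributes that the custom path hides.
        configurer.oidc((oidc) -> oidc.providerConfigurationEndpoint((endpoint) -> endpoint
                .providerConfigurationCustomizer((builder) -> builder
                        .claims((claims) -> claims.remove("claim_to_remove"))))); // placeholder name

        // Widen this chain's security matcher so the custom path is handled here
        // instead of by the application's login-protected chain.
        RequestMatcher customDiscovery =
                new AntPathRequestMatcher(CUSTOM_DISCOVERY_PATH, HttpMethod.GET.name());
        http.securityMatcher(new OrRequestMatcher(configurer.getEndpointsMatcher(), customDiscovery));

        // The question's duplicated filter, placed as in the question.
        http.addFilterBefore(new OidcWellknownEndpointFilter(),
                AbstractPreAuthenticatedProcessingFilter.class);
        return http.build();
    }
}
```

Only the exact GET path is added to the matcher, so no other route is pulled into the authorization server chain.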


