I have a web app in Spring Framework with Spring Security 5.7.7 and Spring Framework 5.3.25. I am trying to implement OAuth2Login with Azure AD / Entra ID. I have a working secret, tenant and client-id.
I am trying to set up OAuth2Login in my Spring Framework app, but somehow the complete OAuth2LoginConfig is not getting triggered. When I access '/faces/start/start.jsf' it opens the page instead of redirecting me to the Azure AD login page.
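    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
    import org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService;
    import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
    import org.springframework.security.oauth2.client.registration.ClientRegistration;
    import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
    import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
    import org.springframework.security.oauth2.client.web.AuthenticatedPrincipalOAuth2AuthorizedClientRepository;
    import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository;
    import org.springframework.security.oauth2.core.AuthorizationGrantType;
    import org.springframework.security.web.SecurityFilterChain;
    import static org.springframework.security.config.Customizer.withDefaults;

    @Configuration
    @EnableWebSecurity
    public class OAuth2LoginConfig {
        // Every request requires authentication; unauthenticated users go to the OAuth2 login flow.
        @Bean
        public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
            http
                .authorizeHttpRequests(authorize -> authorize
                    .anyRequest().authenticated()
                )
                .oauth2Login(withDefaults());
            return http.build();
        }
        @Bean
        public ClientRegistrationRepository clientRegistrationRepository() {
            return new InMemoryClientRegistrationRepository(this.azureClientRegistration());
        }
        @Bean
        public OAuth2AuthorizedClientService authorizedClientService(
                ClientRegistrationRepository clientRegistrationRepository) {
            return new InMemoryOAuth2AuthorizedClientService(clientRegistrationRepository);
        }
        @Bean
        public OAuth2AuthorizedClientRepository authorizedClientRepository(
                OAuth2AuthorizedClientService authorizedClientService) {
            return new AuthenticatedPrincipalOAuth2AuthorizedClientRepository(authorizedClientService);
        }
        private ClientRegistration azureClientRegistration() {
            return ClientRegistration.withRegistrationId("azure")
                .clientId("my-client-id")
                .clientSecret("my-secret") // placeholder; load the real secret from external configuration
                // build() rejects a registration without a grant type and redirect URI
                .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
                .redirectUri("{baseUrl}/login/oauth2/code/{registrationId}")
                .scope("openid", "profile", "email")
                .authorizationUri("https://login.microsoftonline.com/xxx/oauth2/v2.0/authorize")
                .tokenUri("https://login.microsoftonline.com/xxx/oauth2/v2.0/token")
                // needed to verify the ID token signature, since the openid scope is requested
                .jwkSetUri("https://login.microsoftonline.com/xxx/discovery/v2.0/keys")
                .build();
        }
    }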
Is there anything I am missing? Do I have to add OAuth2LoginConfig anywhere in my app to get it loaded?
My pom.xml has these dependencies:
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-web</artifactId>
        <version>${spring-security.version}</version>
        <exclusions>
            <exclusion>
                <groupId>org.springframework</groupId>
                <artifactId>spring-tx</artifactId>
            </exclusion>
        </exclusions>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-config</artifactId>
        <version>${spring-security.version}</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-oauth2-client</artifactId>
        <version>${spring-security.version}</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-oauth2-jose</artifactId>
        <version>${spring-security.version}</version>
    </dependency>
Adding these changes fixed my issue.
Filter and filter-mapping in my web.xml:
    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
Reference to my OAuth2LoginConfig class in applicationConfig-context.xml
Context annotation config in my applicationConfig-bootstrap.xml:
<context:annotation-config />
By adding these, Spring started considering my OAuth2LoginConfig and started redirecting me to the Azure AD / Entra ID login page.
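
The failure in this thread is silent: without the `DelegatingFilterProxy` entry the application starts normally and serves protected pages unauthenticated. The following check is an added example, not part of the original posts; it parses a web.xml and reports whether a proxy bound to the `springSecurityFilterChain` bean covers a given path. The function names and the sample web.xml strings are constructed for illustration, and mappings by `<servlet-name>` are not evaluated.

```python
import xml.etree.ElementTree as ET

PROXY = "org.springframework.web.filter.DelegatingFilterProxy"
BEAN = "springSecurityFilterChain"  # bean name registered by @EnableWebSecurity

# Constructed sample descriptors: no filter, the mapping from the answer, a too-narrow mapping.
FILTER = "<filter><filter-name>%s</filter-name><filter-class>%s</filter-class></filter>" % (BEAN, PROXY)
MAPPING = "<filter-mapping><filter-name>%s</filter-name><url-pattern>%%s</url-pattern></filter-mapping>" % BEAN
WEB_XML = '<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee">%s</web-app>'
MISSING = WEB_XML % ""
FIXED = WEB_XML % (FILTER + MAPPING % "/*")
PARTIAL = WEB_XML % (FILTER + MAPPING % "/api/*")

def _children(elem, name):
    # Compare local names so namespaced and un-namespaced descriptors both work.
    return [c for c in elem if c.tag.rsplit("}", 1)[-1] == name]

def _text(elem, name):
    found = _children(elem, name)
    return (found[0].text or "").strip() if found else ""

def _pattern_matches(pattern, path):
    # Servlet url-pattern rules: "/*" or "/dir/*" prefix, "*.ext" suffix, otherwise exact.
    if pattern.endswith("/*"):
        prefix = pattern[:-2]
        return path == prefix or path.startswith(prefix + "/")
    if pattern.startswith("*."):
        return path.endswith(pattern[1:])
    return pattern == path

def security_filter_covers(web_xml, path):
    """True if a DelegatingFilterProxy bound to springSecurityFilterChain is mapped to path."""
    root = ET.fromstring(web_xml)
    names = set()
    for f in _children(root, "filter"):
        if _text(f, "filter-class") != PROXY:
            continue
        # The proxy looks up a bean named after <filter-name> unless targetBeanName overrides it.
        target = _text(f, "filter-name")
        for p in _children(f, "init-param"):
            if _text(p, "param-name") == "targetBeanName":
                target = _text(p, "param-value")
        if target == BEAN:
            names.add(_text(f, "filter-name"))
    for m in _children(root, "filter-mapping"):
        if _text(m, "filter-name") in names:
            patterns = [(u.text or "").strip() for u in _children(m, "url-pattern")]
            if any(_pattern_matches(p, path) for p in patterns):
                return True
    return False
```

Running it over the deployed descriptor with the paths that must require login (here `/faces/start/start.jsf`) catches both a missing filter and a mapping that is narrower than intended.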