Solid Authentication combined with Spring Boot. This project demonstrates the Solid Authentication process (OAuth2 - OIDC as specified in the Solid OIDC Primer) combined with Spring Boot and Spring Security).
You can find extra explanation for this repository in the document we posted on the Konsolidate website.
Remark: this code is not tested for production and may be outdated at any point in time.
There are several ways to run a Spring Boot application on your local machine. One way is to execute the main
method in the eu.konsolidate.auth.AuthApplication
class from your IDE.
Alternatively you can use the Spring Boot Maven plugin like so:
mvn spring-boot:run
You need to register your application at the identity provider of your choosing. You can do that by sending a POST request to the correct url from your identity provider. You can check the OpenId Configuration from your identity povider at (there you will find a JSON string with "registration_endpoint"):
https://YOUR_IDENTITY_PROVIDER/.well-known/openid-configuration
Keep in mind that you should execute this request with a body.
Parameter | Value |
---|---|
redirect_uris | ["YOUR_REDIRECT_URIS", "...", "..."] |
application_type | "web" |
token_endpoint_auth_method | "authorization_code" |
scopes | "openid,webid,offline_access" |
- see application.yml for "{baseUrl}/login/oauth2/code/{registrationId}",
- it contains the baseUrl from your application (when running locally: http://localhost:8080),
- and also the registrationId (which can be: "community-solid-server", "inrupt" or "solidcommunity")
Your identity provider should respond with "client_id" and "client_secret" (and also some other fields which we don't use in this application).
The application uses environment variables for securing id's and secrets. The mandatory environment variables are listed below:
- CSS_CLIENT_ID
- CSS_CLIENT_SECRET
- SOLIDCOMMUNITY_CLIENT_ID
- SOLIDCOMMUNITY_CLIENT_SECRET
- INRUPT_CLIENT_ID
- INRUPT_CLIENT_SECRET
- REDIRECT_URL
- REDIRECT_URL
The Solid Auth code is copyrighted by Konsolidate and available under the MIT License.