Please add a way to add prefix or custom URL mapping for OidcProviderConfigurationEndpointFilter /.well-known/openid-configuration/ #1409

FoxNeo · 2023-10-17T14:14:56Z

Expected Behavior
Hello, I would like to add the following Feature.
I have a web application that has the Server Context URL https://app-server.com/app-context-name/authenticator

The problem is that the OidcProviderConfigurationEndpointFilter class is final and does not allow modifying the filter url endpoint value. In this example the Metadata Endpoint would be
https://app-server.com/app-context-name/.well-known/openid-configuration/
instead of https://app-server.com/app-context-name/authenticator/.well-known/openid-configuration/
after the sub endpoint /authenticator/

It would be possible to modify the ServerSettings class to be able to override the endpoint like in UserInfo, IdToken for example:

OidcProviderConfigurationEndpointFilter.java

		OidcProviderConfiguration.Builder providerConfiguration = OidcProviderConfiguration.builder()
				.metadataPrefix(authorizationServerSettings.getPrefix())
				.issuer(issuer)
				.authorizationEndpoint(asUrl(issuer, authorizationServerSettings.getAuthorizationEndpoint()))
				.tokenEndpoint(asUrl(issuer, authorizationServerSettings.getTokenEndpoint()))`

AuthorizationServerSettings.java

            public static Builder builderWithPrefix(@NonNull String prefix) {
		return new Builder()
				.metadataPrefix(prefix + "/.well-known/openid-configuration")
				.authorizationEndpoint(prefix + "/oauth2/authorize")
				.tokenEndpoint(prefix +"/oauth2/token")
				.jwkSetEndpoint(prefix +"/oauth2/jwks")
				.tokenRevocationEndpoint(prefix +"/oauth2/revoke")
				.tokenIntrospectionEndpoint(prefix +"/oauth2/introspect")
				.oidcClientRegistrationEndpoint(prefix +"/connect/register")
				.oidcUserInfoEndpoint(prefix + "/userinfo");
	}

Current Behavior
it doesn't work, but it could

       public final class OidcProviderConfigurationEndpointFilter extends OncePerRequestFilter {
	/**
	 * The default endpoint {@code URI} for OpenID Provider Configuration requests.
	 */
	private static final String DEFAULT_OIDC_PROVIDER_CONFIGURATION_ENDPOINT_URI = "/.well-known/openid-configuration";

	private final RequestMatcher requestMatcher = new AntPathRequestMatcher(
			PREFIX + DEFAULT_OIDC_PROVIDER_CONFIGURATION_ENDPOINT_URI,
			HttpMethod.GET.name());
	private final OidcProviderConfiguration

Context
You can override the other Endpoints from the configuration: https://docs.spring.io/spring-authorization-server/docs/current/reference/html/configuration-model.html#configuring-authorization-server-settings but the Metadata ( OIDC 1.0 DiscoveyrEndpoint) (/.well-known/openid-configuration) it's not possible.

jgrandja · 2023-10-20T10:17:00Z

@FoxNeo We already have an open and related issue. Please add your comments to gh-1342 and I'll close this as a duplicate.

FoxNeo added the type: enhancement A general enhancement label Oct 17, 2023

jgrandja closed this as completed Oct 20, 2023

jgrandja self-assigned this Oct 20, 2023

jgrandja added status: duplicate A duplicate of another issue and removed type: enhancement A general enhancement labels Oct 20, 2023

FoxNeo mentioned this issue Oct 20, 2023

Support multi-tenancy using the path component for issuer #1342

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Please add a way to add prefix or custom URL mapping for OidcProviderConfigurationEndpointFilter /.well-known/openid-configuration/ #1409

Please add a way to add prefix or custom URL mapping for OidcProviderConfigurationEndpointFilter /.well-known/openid-configuration/ #1409

FoxNeo commented Oct 17, 2023

jgrandja commented Oct 20, 2023

Please add a way to add prefix or custom URL mapping for OidcProviderConfigurationEndpointFilter /.well-known/openid-configuration/ #1409

Please add a way to add prefix or custom URL mapping for OidcProviderConfigurationEndpointFilter /.well-known/openid-configuration/ #1409

Comments

FoxNeo commented Oct 17, 2023

jgrandja commented Oct 20, 2023