Extends Spring Security OAuth2 to suport OpenID Connect (OIDC) 1.0. tonr/sparklr samples from SECOAUTH2 to work with ODIC.
This project is inspired by MITREid Connect and Nimbus OAuth 2.0 SDK w/ OpenID Connect, borrowed a lot of idea from them.
- spring-* : 3.2.8.RELEASE
- spring-security : 3.2.3.RELEASE
- spring-security-oauth2 : 2.0.1.RELEASE
"mvn package" in oidc1-on-secoauth2 directory will create three war files (tonr, sparklr, keyhole).
- Import tonr, sparklr, keyhole and oidc-* projects with "Existing Maven projects" (Import -> Maven)
- If necessary, change the "authServerUri" property in odic.properties.
Now you can deploy all 3 apps (tonr2, sparklr2, keyhole2) into your Servers environment!
(2014-06-26)
- ID token validation (partially) 3.1.3.7. ID Token Validation
- (partially) 7. Self-Issued OpenID Provider
(2014-06-19)
- Authorization Code Flow in Section 3.1.1 to 3.1.3.6 in OpenID Connect Core 1.0.
- Plain JWT format for ID Token (Uses Nimbus JOSE JWT)
- ID Token Validation (Section 3.1.3.7)
- Signed/Encrypted JWT
- UserInfo (/userinfo) endpoint and claims (Section 5)
- Implict Flow (Section 3.2), Hybrid Flow (Section 3.3)
- Initiating Login from Third parties (Section 4)
- OpenID Connect Discovery
- OpenID Connect Dynamic Registration
- Session Management
See this document how these sample apps works: OAuth2 Single Sign On with spring-security-oauth2