I am new to Spring Boot and OpenID Connect. I am following this article and successfully authenticated the user and created the session in my Spring boot application. Now I am stuck on implementing these two requirements:
- How do I use refresh token grant type to renew the access-token? Do I need to write one more filter to check every time if token is expired and renew the same?
In that case, how do I replace existing
UsernamePasswordAuthenticationTokenin session? Could you provide me some sample code? - Ho do I handle SSO? I am going to have multiple application on different platform, the requirement is to logout the user from all applications if he logs out from any application. In angular or any front end application, it can be done by following the OIDC specifications of session management. But my application is Spring boot, how do I achieve this?
