
I am using the Spring Boot MitreID OIDC application from here. This runs OK and I can log in, but there are no other options available to me.

I am trying to access it using simple-web-app. In simple-web-app I try to log in using the URI http://localhost:8080/openid-connect-server-webapp/. This gives:

WARN : org.mitre.openid.connect.client.service.impl.DynamicServerConfigurationService -
 Couldn't load configuration for http://localhost:8080/openid-connect-server-webapp/: 
com.google.common.util.concurrent.UncheckedExecutionException: 
org.springframework.web.client.HttpClientErrorException: 404 
ERROR: org.mitre.openid.connect.client.OIDCAuthenticationFilter - No server 
configuration found for issuer: http://localhost:8080/openid-connect-server-webapp/

EDIT: when I try http://localhost:8080 I get:

    WARN : org.mitre.openid.connect.client.service.impl.WebfingerIssuerService - Webfinger 
endpoint MUST use the https URI scheme, overriding by configuration
ERROR: org.mitre.openid.connect.client.OIDCAuthenticationFilter - No client
 configuration found for issuer: http://localhost:8080/

Can anyone point me in the right direction?

FYI, simple-web-app has only one Java class:

package org.mitre.web;

import java.security.Principal;
import java.util.Locale;
import java.util.Set;

import javax.annotation.Resource;

import org.mitre.openid.connect.client.OIDCAuthenticationFilter;
import org.mitre.openid.connect.client.SubjectIssuerGrantedAuthority;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

/**
 * Handles requests for the application home page.
 */
@Controller
public class HomeController {

    private static final Logger logger = LoggerFactory.getLogger(HomeController.class);

    // filter reference so we can get class names and things like that.
    @Autowired
    private OIDCAuthenticationFilter filter;

    @Resource(name = "namedAdmins")
    private Set<SubjectIssuerGrantedAuthority> admins;

    /**
     * Simply selects the home view to render by returning its name.
     */
    @RequestMapping(value = "/", method = RequestMethod.GET)
    public String home(Locale locale, Model model, Principal p) {

        model.addAttribute("issuerServiceClass", filter.getIssuerService().getClass().getSimpleName());
        model.addAttribute("serverConfigurationServiceClass", filter.getServerConfigurationService().getClass().getSimpleName());
        model.addAttribute("clientConfigurationServiceClass", filter.getClientConfigurationService().getClass().getSimpleName());
        model.addAttribute("authRequestOptionsServiceClass", filter.getAuthRequestOptionsService().getClass().getSimpleName());
        model.addAttribute("authRequestUriBuilderClass", filter.getAuthRequestUrlBuilder().getClass().getSimpleName());

        model.addAttribute("admins", admins);

        return "home";
    }

    @RequestMapping("/user")
    @PreAuthorize("hasRole('ROLE_USER')")
    public String user(Principal p) {
        return "user";
    }

    @RequestMapping("/open")
    public String open(Principal p) {
        return "open";
    }

    @RequestMapping("/admin")
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    public String admin(Model model, Principal p) {

        model.addAttribute("admins", admins);

        return "admin";
    }

    @RequestMapping("/login")
    public String login(Principal p) {
        return "login";
    }

}
schoon

1 Answer


MitreID is serving on root, but the sample app is calling on /openid-connect-server-webapp/. You'll want to change your sample app to point to the proper issuer, http://localhost:8080/ (maybe in the application.properties of your sample app?). Or your MitreID server is not configured properly (possibly for the issuer property).

See http://localhost:8080/.well-known/openid-configuration for all the endpoints your sample app would hit

sdoxsee
  • Thanks! Sorry forgot to mention: I tried that. I have edited the question. Hang on... – schoon Dec 19 '18 at 12:51
  • Could you explain a little more about 'MitreID server is not configured properly (possibly for issuer property)' please? – schoon Dec 19 '18 at 12:55
  • the sample isn't configured to work with the spring boot fork. Find issuer references in https://github.com/mitreid-connect/simple-web-app/blob/master/src/main/webapp/WEB-INF/spring/appServlet/servlet-context.xml – sdoxsee Dec 19 '18 at 13:47
  • Thanks. Removing references to openid-connect-server-webapp in that file made it work. Or rather it gave a different error. – schoon Dec 19 '18 at 13:50
  • New question [here](https://stackoverflow.com/questions/53853155/how-to-overcome-thymeleaf-template-approve-error). – schoon Dec 19 '18 at 14:21
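
The two failures in this thread (a 404 on discovery, then no client configuration for the issuer) can be reproduced with a small offline model. This is an added example, not code from the question, the answer or MitreID Connect. The `fake_fetch` server stand-in and the assumption that client registrations are keyed by the exact issuer string are constructed for illustration. It also applies the OpenID Connect Discovery rule that the `issuer` in the returned document must be identical to the configured one, which is why a missing trailing slash counts as a mismatch.

```python
import json

WELL_KNOWN = ".well-known/openid-configuration"


def discovery_url(issuer):
    """OIDC Discovery: the well-known path is appended to the issuer URL."""
    return issuer.rstrip("/") + "/" + WELL_KNOWN


def check_issuer(configured_issuer, fetch, registered_clients):
    """Return a list of problems for one configured issuer (empty list = ok).

    fetch(url) -> (status, body) is injected so the check runs offline here;
    against a real server it would be an HTTP GET.
    """
    url = discovery_url(configured_issuer)
    status, body = fetch(url)
    if status != 200:
        return ["discovery failed: HTTP %d for %s" % (status, url)]
    problems = []
    advertised = json.loads(body).get("issuer")
    # The advertised issuer must be byte-for-byte the configured one.
    if advertised != configured_issuer:
        problems.append("issuer mismatch: configured %r, server advertises %r"
                        % (configured_issuer, advertised))
    # Assumption: the client keeps its registrations keyed by issuer string.
    if advertised not in registered_clients:
        problems.append("no client registration keyed by %r" % advertised)
    return problems


# Constructed stand-in for the server in the question: it serves at the root.
SERVER = {
    "http://localhost:8080/.well-known/openid-configuration":
        json.dumps({"issuer": "http://localhost:8080/"}),
}


def fake_fetch(url):
    body = SERVER.get(url)
    return (200, body) if body is not None else (404, "")


# Constructed client config: registration still keyed by the old context path.
CLIENTS = {"http://localhost:8080/openid-connect-server-webapp/": {"client_id": "client"}}

if __name__ == "__main__":
    for issuer in ("http://localhost:8080/openid-connect-server-webapp/",
                   "http://localhost:8080/", "http://localhost:8080"):
        print(issuer, "->", check_issuer(issuer, fake_fetch, CLIENTS) or "ok")
```
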