2

I have a working Authorization Server and Resource Server implemented using Spring Security features that provide single sign-on to all the registered clients in my organization.

It supports the following grant type:

  • Authorization code for web application
  • Password
  • Implicit

Now, one of our new products is a single page application built using React. In order to authenticate and grant access token to it from our custom Auth Server, we are enhancing the Spring project to support PKCE grant type and also making sure the existing functionality does not break.

I know I need to use the latest Spring Security 5 classes of the artifact 'spring-security-oauth2-core', but I am not able to find any documentation around it or sample code example, to begin with. Any pointers will be a great help.

dur
  • 15,689
  • 25
  • 79
  • 125
codebeaver
  • 41
  • 4
  • I am also looking for something similar. However, Spring does not support PKCE as of now. It's planned in their 5.3.X milestone release. https://github.com/spring-projects/spring-security/milestone/147 Let me know how did you proceed ahead with your implementation. – Jeevan Patil Jan 29 '20 at 15:05
  • Hello, did you find out any solution? – Denis Stephanov May 25 '20 at 21:06

0 Answers0