Is spring-authorization-server
appropriate for connecting to an existing OIDC server provided by my enterprise? It looks like spring-authorization-server
provides the ability to create and customize these auth flows, and we can also utilize github and google as federated (social) auth providers, but I am trying to determine if I can connect to my organization's auth service.
We deploy our application stack of several spring boot applications on an enclave, and we also deploy on another network that a wider audience can reach. Each of these networks has its own OIDC server, so I envision having each of the apps talk to the spring auth server, and the spring auth server will be configured on each network for that network's provided auth server. I want the application stack (in its entirety) to be as portable as possible, and I want to isolate the differences between the two deployment environments only to configuration, if possible.
I am aware that I can configure the spring security oauth2 client in each of the apps to talk to my company's OIDC server, but I would prefer to avoid doing it that way, of possible.
So, my question is -- how can I point spring-authorization-server to an external OIDC server (that is not google or github)? I have done extensive searching, and I have looked at many, many tutorials and examples. It seems like this should be something that Spring would want to show in their examples, but it is conspicuously absent. That makes me think that it is not designed to do what I want to do, but I hope that I am just missing something.