JavaDev

Reputation: 65

How to set Redirect URI for Spring Boot App on App Service using Azure AD

I followed the below tutorial to deploy a Spring Boot web application locally that uses Azure AD:

https://dev.to/azure/using-spring-security-with-azure-active-directory-mga

This works well locally, and I have deployed the application to Azure App Service. To redirect correctly for OAuth I am configuring the Redirect URI on App Service. The Azure GUI expects an OAuth Redirect URI that begins with "https://" and Spring Boot expects a redirect URI with the format "http://[domain]:[port]/login/oauth2/code/azure".

Is there a way to configure Spring to expect a URI beginning with "https://"?

I tried updating the below application property, which didn't help. There is a workaround to use Type=Public client/native with an "http" URI. Is there a better solution?

spring.security.oauth2.client.registration.azure.redirect-uri-template={baseUrl}/login/oauth2/code/{registrationId}

Upvotes: 1

Views: 7007

Answers (2)

swissbuechi

Reputation: 382

With the new azure-spring-boot-starter-active-directory dependency for Spring you can add the azure.activedirectory.redirect-uri-template property.

Example application.yml:

azure:
  activedirectory:
    tenant-id: <id>
    client-id: <id>
    client-secret: <secret>
    redirect-uri-template: https://app.example.com/login/oauth2/code/

Update for Spring-Cloud-Azure Version 4.x

Example application.yml:

spring:
  cloud:
    azure:
      active-directory:
        enabled: true
        profile:
          tenant-id: <tenant_id>
        credential:
          client-id: <client_id>
          client-secret: <secret>
        redirect-uri-template: https://app.example.com/login/oauth2/code/

Upvotes: 2

Joaquín Vano

Reputation: 464

In App Service, the front-ends are offloading the SSL. For Tomcat and WildFly images we added a filter that takes care of hydrating the context at the web worker machine.

Unfortunately, in cases when the customer brings their own web server such as Spring Boot, they will need to add custom logic like the one from our filters to work around this.

Another option is to rely on App Service to do the authentication by using the App Service EasyAuth feature: https://learn.microsoft.com/en-us/azure/app-service/overview-authentication-authorization

Upvotes: 2
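A sketch of the kind of custom logic the answer above describes, added here as an example and not taken from the original answer or from Microsoft's Tomcat/WildFly filters. It assumes Spring Boot 2.x (`javax.servlet`), that the TLS-terminating front end sets `X-Forwarded-Proto`, and that the public port is 443; the class name `ForwardedSchemeFilter` is hypothetical.

```java
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

// Hypothetical filter: restores the original scheme after the front end terminates TLS,
// so that {baseUrl} in the OAuth2 redirect URI template expands to https://...
@Component
@Order(Ordered.HIGHEST_PRECEDENCE) // run before the Spring Security filter chain
public class ForwardedSchemeFilter extends OncePerRequestFilter {

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
                                    FilterChain chain) throws ServletException, IOException {
        // Assumption: the front end sets this header on every forwarded request.
        String proto = request.getHeader("X-Forwarded-Proto");
        // Only the exact value "https" changes anything; other values pass through untouched.
        if (!"https".equalsIgnoreCase(proto)) {
            chain.doFilter(request, response);
            return;
        }
        chain.doFilter(new HttpServletRequestWrapper(request) {
            @Override public String getScheme() { return "https"; }
            @Override public boolean isSecure() { return true; }
            // Assumption: the public endpoint listens on the default HTTPS port.
            @Override public int getServerPort() { return 443; }
            @Override public StringBuffer getRequestURL() {
                // Rebuilt from the overridden parts so URL builders see https://host/path
                return new StringBuffer("https://").append(getServerName()).append(getRequestURI());
            }
        }, response);
    }
}
```

`X-Forwarded-Proto` is an ordinary request header, so this is only safe when the application is reachable exclusively through the front end that sets it; a directly reachable instance would accept a client-supplied value and report `isSecure()` as true on a plain HTTP connection. Spring Boot 2.2 and later can do the same job without custom code through the `server.forward-headers-strategy` property.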
