How to create OpenID Provider with Spring Boot

Asked 26/6, 2017 at 1:44 Answered 16/5, 2021 at 10:2

java spring spring-boot openid openid-provider

I finished studying OpenID to understand its main features. The next step is an OpenID Provider program for my clients. My goal is to develop with SpringBoot (without using Spring Security).

I noticed that I have OpenID Connect, MITREid as options. But none presents a tutorial on how to create a customer and supplier of one.

On another topic, found links from IBM, however, are all out of thin air.

It would be of great importance a simple tutorial as a kick start for the OpenID Provider development for my application.

Troposphere answered 26/6, 2017 at 1:44 Comment(0)

I appreciate that this is a year after the OP's question, but I found some more information whilst doing my own research into the same subject.

There is a Spring Boot port of MitreId available here which I found very useful as a working example.

I also want to mention that the Mitre is available as a Maven Dependency

I hope this helps the next person visiting this page !

Mirandamire answered 24/6, 2018 at 16:30 Comment(1)

Thanks for this. Any chance you could give a brief explanation of how to use the example? I have it in Eclipse but don't know how to run it. TIA! – Orenorenburg 18/12, 2018 at 12:10

Update 2022

Spring Authorization Server is a supported Spring Security project that should go GA in November 2022

Original

It rarely makes sense for someone to roll-their-own OpenID Connect Provider. It's not trivial. MitreID Connect even uses Spring Security for part of their code. If you want to use MitreID Connect but as "spring-boot", you can look at some ports of mitreid connect to spring-boot and java config...but I'm not certain they are maintained.

By the way, what do you mean by

none presents a tutorial on how to create a customer and supplier of one.

Do you mean how to use mitreid connect?

Anyway, unless you really know what you're doing, I'd recommend working with an existing OpenID Connect Provider. See: http://openid.net/developers/certified/

Supportable answered 26/6, 2017 at 2:33 Comment(1)

What's the current status in 2024? – Gotama 15/7 at 12:31

Meanwhile there is a Spring communtity-driven project: Spring Authorization Server it was announced in April 2020 on Spring Blog.

<dependency>
    <groupId>org.springframework.security.experimental</groupId>
    <artifactId>spring-security-oauth2-authorization-server</artifactId>
    <version>0.1.1</version>
</dependency>

Its current version is 0.1.1 available since May 2021. (Version 0.1.0 is available since February 2021)

Tuturial: Baeldung Spring Security OAuth Authorization Server

Drus answered 16/5, 2021 at 10:2 Comment(1)

aren't authorization server and identity provider two different worlds (may be in one universe)? – Amino 24/6 at 23:7

Recommended topics

Hot tags