"Invalid Credentials" error after redirect to localhost

Hi,

I try to test my app locally and I have it deployed to my local minikube cluster.

When I try to log in I am redirected to http://localhost/login?error and I get the “Invalid credentials” error.

When I run the app from my IDE (IntelliJ) and try to log in from localhost:8080 it works well.

What am I doing wrong?

My setup is below.

application.yml:

src/main/resources/application.yml

auth0:
  audience: <audience-id>
  domain: <my-domain>.eu.auth0.com

spring:
  security:
    oauth2:
      client:
        registration:
          auth0:
            client-id: <my-client-id>
            client-secret: <my-client-secret>
            scope:
              - openid
              - profile
              - email
        provider:
          auth0:
            # trailing slash is important!
            issuer-uri: https://my-domain.eu.auth0.com/

Allowed callback urls:

http://localhost:8080/callback,
http://localhost:3000/callback,
http://localhost/callback,
http://localhost:8080/login/oauth2/code/auth0,
http://localhost:3000/login/oauth2/code/auth0,
http://localhost/login/oauth2/code/auth0

Allowed logout urls:

http://localhost:8080,
http://localhost:3000,
http://localhost

The problem you are seeing most probably comes from the fact that the session cookie is set to strict or none and HTTP is being used. The session is used to correlate the “state” attribute being passed back in the login request from Auth0.

If you have localhost development over HTTP, then set the session cookie (JSESSIONID) to lax. That will cause cookies to be sent with login/oauth2/code/auth0, and authorization will complete successfully. The easiest thing to try is to just set this in your Spring Boot app:
server.servlet.session.cookie.same-site=lax
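
The mechanism described in the answer above, as an added example that is not part of the original thread or of Spring's code: a simplified Python model of how the SameSite setting on JSESSIONID decides whether the callback can be matched to the stored "state". The function names and the reduced browser rules are assumptions made for illustration.

```python
import secrets

def browser_accepts(same_site, secure):
    """Set-time rule: modern browsers drop SameSite=None cookies that lack Secure."""
    return not (same_site == "none" and not secure)

def browser_sends(same_site, cross_site, top_level_get):
    """Send-time rule for a stored cookie on a given request."""
    if not cross_site or same_site == "none":
        return True
    if same_site == "lax":
        return top_level_get   # cross-site only for top-level GET navigation
    return False               # strict: never sent on cross-site requests

def login_round_trip(same_site, secure=False):
    """Simulate /login -> IdP -> /login/oauth2/code/auth0 and return the outcome.

    secure=False models plain-HTTP localhost, where the Secure flag is not set.
    """
    sessions = {}  # server-side session store (simplified)
    # 1. App starts login: a new session holds the expected state value.
    session_id = secrets.token_hex(8)
    state = secrets.token_urlsafe(16)
    sessions[session_id] = {"state": state}
    jar = {}
    if browser_accepts(same_site, secure):
        jar["JSESSIONID"] = session_id
    # 2. The IdP redirects the browser back: cross-site, top-level GET.
    sent = None
    if "JSESSIONID" in jar and browser_sends(same_site, cross_site=True,
                                             top_level_get=True):
        sent = jar["JSESSIONID"]
    # 3. App looks up the session named by the cookie and compares state.
    stored = sessions.get(sent, {}).get("state")
    if stored is not None and secrets.compare_digest(stored, state):
        return "authenticated"
    return "redirect:/login?error"

if __name__ == "__main__":
    for policy in ("strict", "none", "lax"):
        print(policy, "->", login_round_trip(policy))
```
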