Modifying state Parameter and Manually Triggering Reauthentication in Spring WebFlux with OAuth2

b.muhammad · October 16, 2023, 6:45am

Hello community!

I’ve been working with Spring WebFlux and OAuth2, specifically implementing OIDC with WebSession. Once a user is authenticated and has a session, I would like to update the state parameter on org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest and manually trigger re-authentication, either from a service or a web filter.

Here’s a brief overview of my setup:

Framework: Spring WebFlux
Authentication: OAuth2 with OIDC (using WebSession)
Goal: Update the state parameter post-authentication and manually trigger re-authentication.

I have already implemented a custom ReactiveOAuth2AuthorizationRequestResolver. However, it seems to work only with the default authentication workflow. I’m trying to find a way to customize the authorization process and trigger it again manually, post-authentication.

If anyone has experience with this or can provide guidance, it would be greatly appreciated!

Thank you!

dan.woda · October 20, 2023, 7:12pm

Hi @b.muhammad,

Welcome to the Auth0 Community!

Unfortunately I don’t have a solution for this, but I was able to find this answer on SO that seemed like a possible solution: customize state parameter with Oauth2client using spring security - Stack Overflow

Hopefully someone else here can weigh in.

system · November 8, 2023, 4:11pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.