I’ve been working with Spring WebFlux and OAuth2, specifically implementing OIDC with WebSession. Once a user is authenticated and has a session, I would like to update the
state parameter on
org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest and manually trigger re-authentication, either from a service or a web filter.
Here’s a brief overview of my setup:
- Framework: Spring WebFlux
- Authentication: OAuth2 with OIDC (using WebSession)
- Goal: Update the
stateparameter post-authentication and manually trigger re-authentication.
I have already implemented a custom
ReactiveOAuth2AuthorizationRequestResolver. However, it seems to work only with the default authentication workflow. I’m trying to find a way to customize the authorization process and trigger it again manually, post-authentication.
If anyone has experience with this or can provide guidance, it would be greatly appreciated!