sahat / satellizer

Token-based AngularJS Authentication
https://satellizer-sahat.rhcloud.com
MIT License
7.85k stars 1.13k forks

Open Id Connect Auth Server (MitreId Open Id Connect Implementation) with Satellizer #486

Open AnanthRamchandran opened 9 years ago

AnanthRamchandran commented 9 years ago

Hi, I have a 3-application setup as follows:

a) Auth Server: MitreId Open Id Connect Implementation (github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server). (Deployed to WildFly) (https://localhost:8443/openidconnect/)

b) Angularjs Client: Angularjs Client deployed to Xampp Server. (https://staticserver.local/LoginTest/)

c) Rest BackEnd Application: Java based Rest Application. (https://localhost:8443/restapi/)

Initially I had the Angularjs Client application supported by a Java Spring configuration which had the client configured and was responsible for generating the access tokens without making a call to the rest api.

Now I am planning to remove the Java-spring based client configuration and move the client config to the angularjs app so as to reduce maintenance of WARs from 3 to 2. Now I want the Angularjs app to be responsible for generating the access token, but the examples I have looked at using satellizer mention that I need to use the Rest Api to complete the access token.

I have managed to log in and authorize the client, and the token is generated in the popup, but I am not able to access it on the angularjs client. I get the below error: https://staticserver.local/https://localhost:8443/openidconnect/token Failed to load resource: the server responded with a status of 403 (Forbidden).

Below is my configuration:

  MDHSOne.config(function($authProvider) {
    $authProvider.loginUrl = 'https://localhost:8443/openidconnect/login';
    $authProvider.baseUrl = '/';
    $authProvider.oauth2({
      name: 'openidconnect',
      url: 'https://localhost:8443/openidconnect/token',
      redirectUri: 'https://staticserver.local/LoginTest/',
      clientId: 'ID',
      requiredUrlParams: ['scope'],
      scope: ['openid', 'profile', 'address', 'phone', 'email'],
      scopeDelimiter: '+',
      authorizationEndpoint: 'https://localhost:8443/openidconnect/authorize'
    });
  });

Sorry if I made no sense, but could you please point me in the right direction? Thanks in advance.
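The request URL in the error above carries the absolute token URL as a path under the page's own origin, which is consistent with `baseUrl` and `url` being joined as path segments. The following is an added sketch, not Satellizer's code and not part of the original post; `naiveJoin`, `safeJoin` and `diagnose` are hypothetical helpers, and the URLs are copied from the configuration above.

```javascript
// Added illustration: hypothetical helpers, not Satellizer's API.
// Values are copied from the configuration and error message in the post.
const PAGE = 'https://staticserver.local/LoginTest/';
const BASE_URL = '/';
const TOKEN_URL = 'https://localhost:8443/openidconnect/token';

// Matches "scheme://..." and protocol-relative "//host/..." URLs.
const ABSOLUTE = /^(?:[a-z][a-z0-9+.-]*:)?\/\//i;

// Treats both arguments as path segments, even when `url` is absolute.
function naiveJoin(baseUrl, url) {
  return baseUrl.replace(/\/+$/, '') + '/' + url.replace(/^\/+/, '');
}

// Leaves absolute URLs untouched and only joins relative ones.
function safeJoin(baseUrl, url) {
  return ABSOLUTE.test(url) ? url : naiveJoin(baseUrl, url);
}

// Resolves the joined value the way a browser would from `page`, then
// compares the origin that receives the request with the intended one.
function diagnose(join, baseUrl, url, page) {
  const requestUrl = new URL(join(baseUrl, url), page).href;
  const intended = ABSOLUTE.test(url)
    ? new URL(url, page).origin
    : new URL(page).origin;
  const actual = new URL(requestUrl).origin;
  return { requestUrl, intended, actual, misrouted: intended !== actual };
}

const naive = diagnose(naiveJoin, BASE_URL, TOKEN_URL, PAGE);
const safe = diagnose(safeJoin, BASE_URL, TOKEN_URL, PAGE);

// naive.requestUrl reproduces the URL from the 403 message: the request is
// answered by the static file server, never by the authorization server.
console.log(naive);
console.log(safe);
```

With the absolute URL left intact, the call from https://staticserver.local to https://localhost:8443 is cross-origin, so the browser applies CORS to it.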

wramirez007 commented 8 years ago

Hello, I have the same problem, please help me.

AnanthRamchandran commented 8 years ago

Hello wramirez2401. After looking into Mitre Id Open Id Connect, CAS and an internal implementation of an auth server, I decided to go with spring cloud secured with oauth2. The angularjs app has the java configuration, feign clients and Hystrix end points. I could not get anywhere with Satellizer. I feel, after going through the documentation, that Satellizer is very good when you are using authentication provided by third party apps (Google, FB, etc.). My specific requirement was not to have the authorize page show up after landing on the site page, so I dropped this idea. Hope that helps.