sjohnr / springone-2021

Spring Security 5.5 From Taxi To Takeoff
https://springone.io/2021/sessions/spring-security-5-5

SSO server won't redirect to web #4

Closed keeplearningandtrying closed 2 years ago

keeplearningandtrying commented 2 years ago

This is what I have tried against the latest commit in the main branch:

  1. Map 127.0.0.1 to auth-server in my local hosts file
  2. Start sso application
  3. Start api application
  4. Start web application
  5. Hit web application by going to http://localhost:8000
  6. I was redirected to sso application login url at: http://auth-server:9000/login
  7. Enter credential: josh/control
  8. I then got this sso error url = http://auth-server:9000/error?response_type=code&client_id=air-traffic-control&scope=openid%20flights:read%20flights:write&state=89B_tqK-vGVQLLPdbujyMxUGr5J2d6A2PdzJOmjUC-A%3D&redirect_uri=http://localhost:8000/login/oauth2/code/air-traffic-control-client&nonce=QVIN4qjrngwR_pl0jVoYIw8theirJRArL8OOQ8yomh4

As a side note, I also tried the samples from spring-authorization server project - https://github.com/spring-projects/spring-authorization-server/tree/main/samples and it works as expected.

marcusdacoregio commented 2 years ago

Thanks for reaching out @keeplearningandtrying.

Can you try accessing http://127.0.0.1:8000 instead of http://localhost:8080 and confirm if it works?

The redirectUri points to 127.0.0.1 instead of localhost.

keeplearningandtrying commented 2 years ago

@marcusdacoregio thanks for looking into this. I just tried this:

  1. Start sso application
  2. Start api application
  3. Start web application
  4. Hit web application by going to http://127.0.0.1:8000
  5. I was redirected to the sso application login url at: http://auth-server:9000/login. Entered credential: josh/control.
  6. I can see the "Consent required" page. Checked both flights:read and flights:write. Clicked the "Submit Consent" button.
  7. I was redirected back to http://127.0.0.1:8000/ but with a 404 error page.
  8. Then if I hit http://127.0.0.1:8000/flights, it returned the correct data. So did http://127.0.0.1:8000/user/info. The gateway from web to api is great.
  9. If I hit http://127.0.0.1:8000/app/, I still got the 404 error page.

Thanks for looking into this. BTW, great presentation and great examples!

sjohnr commented 2 years ago

Hi @keeplearningandtrying, thanks for watching the presentation and the great feedback!

When using http://localhost:8000, this is a known issue in the Spring Authorization Server. However I have not yet come up with a good way to improve the developer experience around identifying and solving the error. Ultimately, it is an invalid_request error response on the redirect_uri parameter, but that error code doesn't come over to the client side due to an internal forward to /error on the auth server side.

As for the 404 error when using http://127.0.0.1:8000, I can't seem to reproduce that locally. Are you using a particular browser or OS combo that might reproduce the issue? (I'm using the latest version of Firefox on MacOS 11.6)
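To make the redirect_uri failure described above concrete, here is an added example (not code from this repository or from Spring Authorization Server) that pulls the redirect_uri out of the error URL posted earlier in this thread and checks it against a registered redirect URI the way an OAuth 2.0 authorization server does: by exact string comparison, with no aliasing between localhost and 127.0.0.1 and no tolerance for a trailing slash. The registered URI for the air-traffic-control client is an assumption taken from the maintainer's reply that the redirectUri points to 127.0.0.1; the helper names are mine.

```python
from urllib.parse import urlsplit, parse_qs

# Assumption (from the thread): the sample client is registered with a
# 127.0.0.1 redirect URI, not a localhost one.
REGISTERED_REDIRECT_URIS = {
    "air-traffic-control": {
        "http://127.0.0.1:8000/login/oauth2/code/air-traffic-control-client",
    },
}

# Constructed from the error URL reported in this issue.
FAILING_ERROR_URL = (
    "http://auth-server:9000/error?response_type=code&client_id=air-traffic-control"
    "&scope=openid%20flights:read%20flights:write"
    "&state=89B_tqK-vGVQLLPdbujyMxUGr5J2d6A2PdzJOmjUC-A%3D"
    "&redirect_uri=http://localhost:8000/login/oauth2/code/air-traffic-control-client"
    "&nonce=QVIN4qjrngwR_pl0jVoYIw8theirJRArL8OOQ8yomh4"
)


def extract_authorization_params(url: str) -> tuple[str, str]:
    """Return (client_id, redirect_uri) from an authorization-request style URL.

    parse_qs percent-decodes values, so an encoded redirect_uri comes back
    as the literal URI the client asked for.
    """
    params = parse_qs(urlsplit(url).query)
    return params["client_id"][0], params["redirect_uri"][0]


def validate_redirect_uri(client_id: str, redirect_uri: str) -> tuple[bool, str]:
    """Exact-match redirect_uri check, returning (accepted, reason).

    The reason string mirrors the OAuth 2.0 error code the server would emit
    (invalid_request) and explains the most common cause of a mismatch.
    """
    registered = REGISTERED_REDIRECT_URIS.get(client_id)
    if registered is None:
        return False, "invalid_request: unknown client_id"
    if redirect_uri in registered:
        return True, "ok"

    # Diagnose the loopback alias case: same URI except for the host spelling.
    requested = urlsplit(redirect_uri)
    for candidate in registered:
        reg = urlsplit(candidate)
        same_except_host = (
            requested.scheme == reg.scheme
            and requested.port == reg.port
            and requested.path == reg.path
            and {requested.hostname, reg.hostname} == {"localhost", "127.0.0.1"}
        )
        if same_except_host:
            return False, (
                "invalid_request: redirect_uri host is "
                f"{requested.hostname!r} but the registered URI uses "
                f"{reg.hostname!r}; matching is an exact string comparison"
            )
    return False, "invalid_request: redirect_uri is not registered for this client"


def check_error_url(url: str) -> tuple[bool, str]:
    """Convenience wrapper: validate the redirect_uri carried by an error URL."""
    client_id, redirect_uri = extract_authorization_params(url)
    return validate_redirect_uri(client_id, redirect_uri)


if __name__ == "__main__":
    print(check_error_url(FAILING_ERROR_URL))
    print(validate_redirect_uri(
        "air-traffic-control",
        "http://127.0.0.1:8000/login/oauth2/code/air-traffic-control-client",
    ))
```

Running the block against the thread's URL yields an invalid_request for the localhost variant and an accepted result for the 127.0.0.1 variant, which is exactly the behaviour the two browser addresses tried in this issue produced. Because the server forwards to /error internally, the reason string never reaches the client; logging it on the authorization server side is where a practitioner would look for it.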

keeplearningandtrying commented 2 years ago

@sjohnr, I tried on both MacOS and Windows 10 with Firefox and Chrome. I didn't get it to work on Windows; however, it worked once for http://localhost:8000 on MacOS and then it stopped working after that. However, like I mentioned, hitting other RESTful endpoints through the gateway works just fine.

Thanks for looking into this.

sjohnr commented 2 years ago

@keeplearningandtrying, how are you starting the web application? Are you using the gradle command or starting it through an IDE? I wonder if it's an issue with your machine and the UI build? @marcusdacoregio any ideas?

marcusdacoregio commented 2 years ago

I tried running it on my Windows 10 machine as well and it worked fine. I guess that there is some tiny detail that we are missing in your setup. Maybe if you provide every version and a detailed step-by-step we can simulate it.