I have a Full Stack application, with React on the frontend and Spring Boot on the backend, and I would like to make this application consume the authentication service of another application.

Does anyone have an idea how to do this, or has done something similar please?

My idea is that in React, my front end, I have a login screen directed to the external authentication service, and that the SpringBoot APIs are also secured by the external authentication service

I have a large e-commerce application, with built-in authorization OAuth server. And these days I'm developing several standalone systems (with springboot and react) to extend my e-commerce capabilities. I'm trying to get all these independent systems to use my e-commerce authentication service

CodePudding user response：

Maybe you can try to implement your own AuthenticationProvider, something like

public class ThirdPartyAuthenticationProvider implements AuthenticationProvider {

    @Override
    public Authentication authenticate(Authentication auth) thows AuthenticationException {
        // call third party site with auth.getPrincipal() and auth.getCredentials() (those are username and password)
        // Throw AuthenticationException if response is not 200
        return new UsernamePasswordAuthenticationToken(...);
    }

    @Override
    public boolen supports(Class<?> authCls) {
        return UsernamePasswordAuthenticationToken.class.equals(authCls);
    }
}

After that you can override the configure(AuthenticationManagerBuilder) method in your SpringSecurityConfig:

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    // authProvider = instance of ThirdPartyAuthenticationProvider
    auth.authenticationProvider(authProvider); 
}