Implementation of Custom LoginHandler

[clee0718]

Hi all, I'm currently implementing the OpenID Connect flow. Currently I'm setting the micronaut.security.authentication to idtoken. However, I think we need our own custom LoginHandler since the current IdTokenLoginHandler isn't sufficient. I read in the micronaut security doc that I can provide my own implementation, but I've tried various things and couldn't get the flow to call our custom LoginHandler. Can someone help? Much appreciated!

A little background on the current project:
We're enabling single sign-on for a web app. Once we authenticate with the external authentication provider, our backend will extract information from the provider's JWT and then create our own JWT token to return to the frontend.

[sdelamo]

When you set micronaut.security.authentication to idtoken, it registers a LoginHandler for you.

see:

package com.softamo.concertados.http;

import io.micronaut.context.BeanContext;
import io.micronaut.context.annotation.Property;
import io.micronaut.security.handlers.LoginHandler;
import io.micronaut.security.oauth2.endpoint.token.response.IdTokenLoginHandler;
import io.micronaut.test.extensions.junit5.annotation.MicronautTest;
import jakarta.inject.Inject;
import org.junit.jupiter.api.Test;

import static org.junit.jupiter.api.Assertions.assertTrue;

@Property(name = "micronaut.security.authentication", value = "idtoken")
@MicronautTest(startApplication = false)
class LoginHandlerTest {
    @Inject
    BeanContext beanContext;
    @Test
    void loginHandler() {
        assertTrue(beanContext.containsBean(LoginHandler.class));
        assertTrue(beanContext.containsBean(IdTokenLoginHandler.class));
    }
}

Write a test in your application to verify the framework resolves the bean of type LoginHandler to the class you want. If you want to roll your own, remove micronaut.security.authentication=idtoken

[clee0718]

I did try removing the micronaut.security.authentication=idtoken but /oauth/login/provider url would return a 303 status. Do I need to do anything special to my custom LoginHandler so OpenId flow would work?