spring-security icon indicating copy to clipboard operation
spring-security copied to clipboard
verified publisher icon spring-projects

Add SAML 2.0 Grant Type support

Open jzheaux opened this issue 2 years ago • 8 comments

As detailed in RFC 7522. It would be nice for institutions needing to formulate a bridge between SAML 2.0 authentication and OAuth 2.0 authorization.

jzheaux avatar Nov 15 '23 23:11 jzheaux

Related spring-projects/spring-authorization-server#1270

jgrandja avatar Nov 25 '23 16:11 jgrandja

Hi, are you considering starting to implement this issue.

opcooc avatar Dec 10 '24 14:12 opcooc

@opcooc Not at the moment since there is very little demand for this feature given there is only 1 upvote.

jgrandja avatar Dec 11 '24 16:12 jgrandja

@jgrandja OK, Additionally, do you have a general implementation idea? If so, could you share it? I would like to try it out locally.Thank you.

opcooc avatar Dec 12 '24 02:12 opcooc

@opcooc No I don't have a general implementation idea. Honestly, I haven't even read the spec.

jgrandja avatar Dec 12 '24 09:12 jgrandja

@jgrandja OK, Thank you.

opcooc avatar Dec 12 '24 09:12 opcooc

Hello, I tried by myself and I've been able to easily configure the login to an external saml identity provider. The problem is that the application expects in return from the login flow an authorization code that the saml login doesn't supply. Any suggestion on how to add the authorization code generation after the saml login? Adding this part the client could continue the authorization flow and exchange the authorization code for an access token as usual.

riccardolunghi avatar Mar 01 '25 16:03 riccardolunghi

This issue was transferred from spring-projects/spring-authorization-server (see spring-authorization-server#2195)

jgrandja avatar Dec 10 '25 10:12 jgrandja