Quarkus OIDC with Google One Tap Login: JsonWebToken and SecurityIdentity Not Working as Expected

145 views Asked by pinei At 11 September 2023 at 14:41

I'm trying to get the Google One Tap Login authorization mechanism to work with Quarkus OIDC.

The frontend is able to delegate authentication to Google and redirect the JWT token back to the backend.

 <div class="ui signin">
   <div id="g_id_onload"
   data-client_id="xxx.apps.googleusercontent.com"
   data-login_uri="http://localhost:5173/api/session/oauth/google"
   data-auto_prompt="true">
 </div>
</div>

The backend receives the request, but the JsonWebToken is being ignored. In the code below, jwt is an instance of NullJsonWebToken and securityIdentity references an AnonymousIdentityProvider.

I suppose that the Quarkus OIDC mechanism is ignoring the request from Google's authenticator because Quarkus didn't initiate the process, which is why there are missing control details like state, etc., in the request.

How can I get this to work?

@Path("/session")
public class SessionController {

    @Inject
    JsonWebToken jwt;

    @Inject
    SecurityIdentity securityIdentity;

    @POST
    @Path("/oauth/google")
    @Produces("text/html")
    public String processGoogleCredentials() {
        // ...
    }
}

The application.properties did not help.

quarkus.oidc.provider=google
quarkus.oidc.client-id=xxx.apps.googleusercontent.com
quarkus.oidc.credentials.secret=xxx
quarkus.oidc.authentication.redirect-path=/session/oauth/google

Original Q&A

TechQA.

Quarkus OIDC with Google One Tap Login: JsonWebToken and SecurityIdentity Not Working as Expected

There are 0 answers

Related Questions in GOOGLE-OAUTH

Related Questions in QUARKUS

Related Questions in GOOGLE-ONE-TAP

Related Questions in QUARKUS-OIDC

Popular Questions

Popular Tags

Trending Questions