Issue
I followed the below tutorial to deploy a Spring Boot web application locally that uses Azure AD:
https://dev.to/azure/using-spring-security-with-azure-active-directory-mga
This works well locally,and I have deployed the application to Azure App Service. To redirect correctly for Oauth I am configuring the Redirect URI on App Service, the Azure GUI expects an OAuth Redirect URI that begins with "https://" and Spring boot expects a redirect URI with the format "http://[domain]:[port]/login/oauth2/code/azure".
Is there a way to configure Spring to expect a URI beginning with "https://"
I tried updating the below application property which didn't help. There is workaround to use Type=Public client/native with an "http" URI. Is there a better solution?
spring.security.oauth2.client.registration.azure.redirect-uri-template={baseUrl}/login/oauth2/code/{registrationId}
Solution
In App Service, the front-ends are offloading the SSL. For Tomcat and WildFly images we added a filter that takes care of hydrating the context at the web worker machine.
Unfortunately, in cases when the customer brings their own Web Server such as Spring Boot, they will need to add custom logic like the one from our filters to workaround this.
Other option, is to rely on App Service to do the authentication by using App Service EasyAuth feature: https://docs.microsoft.com/en-us/azure/app-service/overview-authentication-authorization
Answered By - Joaquín Vano