Skip to content

spring-boot: move oauth2 configuration to secret-samples#32550

Merged
DanielFran merged 2 commits into
jhipster:mainfrom
mshima:oauth2-secrets
Mar 5, 2026
Merged

spring-boot: move oauth2 configuration to secret-samples#32550
DanielFran merged 2 commits into
jhipster:mainfrom
mshima:oauth2-secrets

Conversation

@mshima

@mshima mshima commented Mar 4, 2026

Copy link
Copy Markdown
Member

OIDC configuration should be customized by each application depending on its environment. To encourage this, the configuration should be moved to secret-samples, forcing users to explicitly customize it for the prod profile.

The dev profile enables secret-samples by default, and we also enable it in the scripts. Otherwise, the default configuration would be applied.

The suggested fix in #30206 is to remove the offline_access scope.
The offline_access scope was added a few years ago and, as far as I know, it is mainly used by the Ionic blueprint.

The initially proposed fix resulted in several PRs:

However, these PRs mainly introduce alternative configurations that are expected to be customized in production environments anyway.

Fixes #30206.


Please make sure the below checklist is followed for Pull Requests.

When you are still working on the PR, consider converting it to Draft (below reviewers) and adding skip-ci label, you can still see CI build result at your branch.

mshima added 2 commits March 4, 2026 23:01
OIDC configuration should be customized by each application depending on its environment. To encourage this, the configuration should be moved to secret-samples, forcing users to explicitly customize it for the prod profile.
@mshima mshima marked this pull request as ready for review March 5, 2026 13:44
@DanielFran DanielFran merged commit 4d7834c into jhipster:main Mar 5, 2026
65 checks passed
@mshima mshima deleted the oauth2-secrets branch March 5, 2026 16:47
@mraible mraible added this to the 9.0.0 milestone Mar 11, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

OAuth2: regular sso session never created on idp keycloak

3 participants