Spring OAuth redirect_uri not using https

Question

I have a Spring Boot 1.3.0 application with Spring Security OAuth included as a sort of SSO integration.

The problem is that the application is running in a non-SSL

Answer 1

My answer is for people using latest spring version, as the answers suggested above didnt work for me. I am using Spring Boot 2.3.5.RELEASE.

I had a the same issue, I am using Azure AD for oauth2 authentication. My application runs behind the reverse proxy and redirect uri formed was taking http rather than https.

After reading the document https://docs.spring.io/spring-security/site/docs/5.2.x/reference/html/oauth2.html#oauth2Client-auth-code-redirect-uri , I added below line in the application.properties files and it worked for me

spring.security.oauth2.client.registration.azure.redirect-uri=https://{baseHost}{basePort}{basePath}/login/oauth2/code/azure