I finally bow to the Internet forces and am switching my public-facing Grails application from email based registration/verification to OpenID Connect (Github/Google/Microsoft). The app is running for eight years and was recently upgraded to Grails 5.1 and uses Spring Security.
A couple of years ago i got the Google integration working with some Oauth plugin (grails-spring-security-openid?) but that was under an older version of Grails. The latest version of the Spring-Security-Core plugin still runs fine under Grails 5 but the development of those Oauth plugins seem to have stopped a couple of years ago. Some of the plugins i have beem looking at are:
- http://grails-plugins.github.io/grails-spring-security-openid/
- https://github.com/grails-plugins/grails-spring-security-oauth2-provider
- https://www.baeldung.com/spring-security-openid-connect
My real question is ‘How to do OpenID Connect in Grails 5’ but the following points are more specific and show I have already done some work on this ;):
- Is there a Grails plugin that would give me a fighting chance to implement OpenID Connect in Grails 5 using Spring Security.
- Can the non-Grails org.springframework.boot.spring-boot-starter-oauth2-client plugin be used in a Grails 5 app.
- If there is no such plugin, is it possible to delegate the OpenID Connect-procedure to a different framework running on the same machine and continue with the acquired credentials in the Grails 5 app (a sort of single-signon).
