My on-site openid provider requires nonce


#1

I’m seeing failures in my shinyproxy logs when the oauth2 implementation goes through the login cycle. Is there a way to push even the most basic nonce capability into the spring security? Thanks!


#2

Hi @travis,

Thank you for your request. As soon as Spring Security supports it, we can add this. Maybe you can vote on https://github.com/spring-projects/spring-security/issues/4442? Is this a known OpenID provider in case we would want to test? Don’t hesitate to create an issue on Github to further discuss.

Best,
Tobias