Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
3.3k views
in Technique[技术] by (71.8m points)

Spring Security OpenID Connect + Another Factor Authentication

I am building a Spring Boot application (MVC) and configured OIDC authentication. I would like to add a second-factor authentication step to my app, but I can't figure out how to do so. The flow that I want to implement is as follows:

  1. my app receives a valid OIDC token from the OIDC Provider (at this point Spring typically creates the session in my application. But I need to do some further validation steps before creating the session)
  2. my app makes an API call to a 3rd party service to check if further authentication steps are needed
  3. if needed asks the user for further data (an OTP or something else)
  4. my app makes an API call to a 3rd party service to check the further data received from the user
  5. if valid an application session is created by Spring

What is needed in terms of configurations/extensions to achieve the above?


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)
等待大神答复

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...