POC : need to clean

pom.xml

@@ -13,7 +13,7 @@
     <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
     <quarkus.platform.artifact-id>quarkus-bom</quarkus.platform.artifact-id>
     <quarkus.platform.group-id>io.quarkus.platform</quarkus.platform.group-id>
-    <quarkus.platform.version>3.17.3</quarkus.platform.version>
+    <quarkus.platform.version>3.17.6</quarkus.platform.version>
     <skipITs>true</skipITs>
     <sonar.qualitygate.wait>true</sonar.qualitygate.wait>
     <surefire-plugin.version>3.2.3</surefire-plugin.version>

src/main/java/fr/numeco/misis/security/resource/AuthenticateResource.java

 package fr.numeco.misis.security.resource;
 
-import java.net.URI;
-
 import fr.numeco.misis.security.dto.UserInfosDto;
 import fr.numeco.misis.security.service.impl.DefaultAuthenticatedUserService;
 import io.quarkus.oidc.UserInfo;
 import io.quarkus.security.Authenticated;
+import io.quarkus.security.identity.SecurityIdentity;
 import jakarta.annotation.security.PermitAll;
 import jakarta.inject.Inject;
 import jakarta.ws.rs.GET;
@@ -16,24 +15,30 @@ import jakarta.ws.rs.core.MediaType;
 import jakarta.ws.rs.core.Response;
 import jakarta.ws.rs.core.SecurityContext;
 
+import java.net.URI;
+
 @Path("/oauth2")
 @Authenticated
 public class AuthenticateResource {
 
+    private static final String FRONTEND_URL = "http://localhost:4200/";
+
     @Inject
     UserInfo userInfo;
+    @Inject
+    SecurityIdentity securityIdentity;
 
     @GET
     @Produces(MediaType.APPLICATION_JSON)
     public Response login() {
-        URI redirectUri = URI.create("/");
+        URI redirectUri = URI.create(FRONTEND_URL);
         return Response.seeOther(redirectUri).build();
     }
 
     @GET
     @Path("/callback")
     public Response callback() {
-        URI redirectUri = URI.create("/");
+        URI redirectUri = URI.create(FRONTEND_URL);
         return Response.seeOther(redirectUri).build();
     }
 

src/main/resources/application-dev.properties

@@ -27,5 +27,9 @@ analyzer.fake=true
 analyzer.remote-browser=false
 quarkus.http.cors=true
 quarkus.http.cors.origins=/.*/
+quarkus.http.cors.access-control-allow-credentials=true
 # OIDC
-quarkus.oidc.auth-server-url=http://localhost:8088/realms/quarkus
\ No newline at end of file
+quarkus.oidc.auth-server-url=http://localhost:8088/realms/quarkus
+quarkus.oidc.authentication.redirect-path=http://localhost:8080/oauth2/callback
+quarkus.oidc.logout.path=/oauth2/logout
+quarkus.oidc.logout.post-logout-path=http://localhost:4200/

src/main/resources/application.properties

@@ -49,7 +49,7 @@ quarkus.oidc.authentication.force-redirect-https-scheme=false
 quarkus.oidc.authentication.nonce-required=true
 quarkus.oidc.authentication.pkce-required=false
 quarkus.oidc.authentication.redirect-path=/
-quarkus.oidc.authentication.scopes=openid given_name usual_name email
+quarkus.oidc.authentication.scopes=given_name usual_name email
 quarkus.oidc.authentication.session-age-extension=12H
 quarkus.oidc.authentication.user-info-required=true
 quarkus.oidc.client-id=backend-service
@@ -62,4 +62,4 @@ quarkus.oidc.token-cache.clean-up-timer-interval=1M
 quarkus.oidc.token-cache.max-size=65535
 quarkus.oidc.token-cache.time-to-live=12H
 quarkus.oidc.token.lifespan-grace=43200
-quarkus.oidc.token.verify-access-token-with-user-info=true
\ No newline at end of file
+quarkus.oidc.token.verify-access-token-with-user-info=true