Programatically login user with stateless JWT authentication

Hi,
I have been following @quintessential-ibex 's guide to get JWT Auth working:
https://vaadin.com/blog/jwt-authentication-with-vaadin-flow-for-better-developer-and-user-experience

As a next step I have the requirement to enable a certain “passwordless” authentication.
The idea is that my Vaadin App is opened with a special secret query parameter.
I then add a Security Filter which reads this secret and creates the JWT cookie for a pre-defined user or somehow logs him in.

In the example JWT Auth is automatically configured in SecurityConfiguration,java with

 setStatelessAuthentication(http, new SecretKeySpec(Base64.getDecoder().decode(authSecret), JwsAlgorithms.HS256), "com.example.application");

Is there a way how I can trigger what ever happens there programatically in a custom filter?

Or do you have better proposal how to approach such a use-case?

Sounds like you want SSO with e.g. a third party login provider like keycloak, okta or something similar. Implementing some magic number as security identify does not sound right.

@quirky-zebra I agree in a normal use case I would prefer a SSO solution however based on the setup and requirements it is currently unfortunately out of scope.

I have the same use case

Wow 3 in a row this week… we need to find solution…. And I’m sure we will find out at the end was just a small tweak :upside_down_face:

Thanks for the questions! I’m looking for a solution and will get back to you once find something meaningful.