I/O error on GET request for "https://localhost/application/o/{name}/.well-known/openid-configuration": Connection refused

[briclabs]

I'm trying to hook up Spring Security to use a basic Authentik setup. Authentik is running in Docker via Docker Compose, as is my Spring Boot service.

FYI, I've replaced the name of my application with {name} in my question; its not actually {name} in my config.

I've tried the following roots for the URIs in my application.yaml file:

localhost
http://localhost
https://localhost
http://{name of container}
{name of container}
0.0.0.0

Authentik is running on port 80/443. It has the vanilla self-signed cert. If I go to the following URL in a browser, I get the JSON response as expected:

http://localhost/application/o/{name}/.well-known/openid-configuration

I can't for the life of me figure out why I can't get Spring Security to talk to Authentik on startup. I've been at this for days.

[briclabs]

My Spring Security config from my latest attempt, after having removed the 80/443 override from .env:

spring:
 {snip}
  security:
    oauth2:
      client:
        registration:
          authentik:
            client-name: evcoordinator
            client-id: evcoordinator
            client-secret: {snip}
            authorization-grant-type: authorization_code
            redirect-uri: http://localhost:8080/login/oauth2/code/evcoordinator/
            scope:
              - openid
        provider:
          authentik:
            issuer-uri: http://localhost:9000/application/o/evcoordinator/
            token-uri: http://localhost:9000/application/o/token/
            authorization-uri: http://localhost:9000/application/o/authorize/
            user-info-uri: http://localhost:9000/application/o/userinfo/
            user-name-attribute: name
      resourceserver:
        jwt:
          issuer-uri: http://localhost:9000/application/o/evcoordinator/
          jwk-set-uri: http://localhost:9000/application/o/evcoordinator/jwks/

[briclabs]

Found the solution. No modification necessary to the Authentik docker compose file. Modification was necessary for my app's docker compose file, however. I had to add the Authentik network to my app's container, and add this at the bottom:

networks:
  authentik_default:
    driver: bridge
    name: authentik_default
    external: true

Name of the network was ascertained by doing a docker network ls while Authentik was running. That told me the name of the Authentik network. I then modified my application.yaml so it looked at the container name instead of localhost. I was able to obtain the container name of Authentik's "server" container via docker container ls. Hope this helps someone else!