My problem was in SecurityConfiguration and redirect-uri.

It's big mistake to link redirect-uri to my own rest controller, so now my redirect-uri is {baseUrl}/login/oauth2/code/{registrationId}

And for SecurityConfig

@Bean
  public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
    http.authorizeRequests(
            authorizeRequests ->
                authorizeRequests.antMatchers("/").permitAll().anyRequest().authenticated())
        .oauth2Login(
            oauth2Login ->
                oauth2Login
                    .loginPage("https://myExternalWebsite.integration.fr")
                    .successHandler(customAuthenticationSuccessHandler())
                    .failureHandler(customAuthenticationFailureHandler())
            );
    return http.build();
  }