Authorization code with PKCE flow


#1

I am working on android, completed PKCE flow with Okta working successfully,
i need to execute my own service from android, for this need sample spring boot resource server application which suitable for native application (resource server which will works for PKCE flow).


#2

Hey @vgund9!

I’ll start with the easy part first :slight_smile:.

You can use the Okta Spring Boot starter (example), or Spring Boot OAuth2 directly (example).

For your native app, which framework/libraries are you using?


#3

I am using below android sample

Please suggest any spring boot resource server sample application which will work above sample


#4

Hey @vgund9,

Either of those examples above should work, but I’ll pass you on to @jmelberg, he can fill you in on any details using appauth.


#5

@bdemers same sample is worked for me, but when i am trying same flow with Postman getting some issues

https://dev-911159.oktapreview.com/oauth2/v1/authorize?client_id=0oaflou71a085ya920h7&response_type=code%20token&response_mode=fragment&scope=openid&redirect_uri=com.oktapreview.dev-911159:/callback&state=state-8600b31f-52d1-4dca-987c-386e3d8967e9&nonce=ba2feadb-ffc2-48db-9c6d-037afe48b392&code_challenge_method=S256&code_challenge=qjrzSW9gMiUgpUvqgEPE4_-8swvyCtfOVvg55o5S_es.

I tried with mobile app its working but not in postman can someone help me to resolve this?


#6

Did that happen on the redirect? or the original request?

Postman enables redirects by default, if that was a successful request, you would be redirected back to: com.oktapreview.dev-911159:/callback (which should only work from AppAuth)

-Brian


#7

It happen with original request


#8

Does it work from curl (or other command line tool). If you click on the code link you should have multiple options to run the command elsewhere.

Let us know!