Matt Raible
Check out Add Authentication to Your Angular PWA for information on how to deploy an app like this one. It shows how to deploy to Cloud Foundry and Heroku.
Bill Xiong
awesome post! this is the perfect tech stack so far.
Matt Raible
This typically happens when you forget to add (or register) the AuthInterceptor that adds the access token to the Authorization header.
tjm1706
When running with Openjdk/172 I get this error: InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty. Why?
tjm1706
When using Firefox, the app is not redirected to the okta login. When using Chrome, everything works ok. Why?
Matt Raible
Do you see any errors in your developer console? It should work just fine with Firefox.
Matt Raible
I’ve never seen this error before and I’m unsure what Openjdk/172 is. Are you using Java 1.7? This post requires you to use Java 8.
tjm1706
Yes, I use Openjdk 8, build(number) 172.
AND … thank you for the nice post!
tjm1706
Firefox had to think it over for a night … now it works! Just started the server and then the client.
Matt Raible
Does it work now, or are you still getting an error about the trustAnchors?
tjm1706
Nope, it does not work. It must be some general setup of OpenJDK 8.
Matt Raible
That stinks. I’ve created an issue for this problem. Please subscribe to the issue on GitHub if you’d like to be notified of updates.
global leads
Pretty! This was an incredibly wonderful post. Thank you for supplying this information.
Angular 7 Training in Bangalore
AngularJS Training in Bangalore
Javier Arroyo
Awesome blog, question how would I obtain info on the user in the spring boot backend up? I ran accros this: https://developer.okta.com/…
But that seems to return null for user when implemented
Matt Raible
There’s a similar question on our developer forums. You should be able to use something like the following when you have Spring Boot setup as a resource server.
@GetMapping("/")
public String index(@AuthenticationPrincipal Jwt jwt) {
return String.format(“Hello, %s!”, jwt.getSubject());
}
In JHipster, we use the following logic in a UserService.java class:
public UserDTO getUserFromAuthentication(AbstractAuthenticationToken authToken) {
Map<string, object=""> attributes;
if (authToken instanceof OAuth2AuthenticationToken) {
attributes = ((OAuth2AuthenticationToken) authToken).getPrincipal().getAttributes();
} else if (authToken instanceof JwtAuthenticationToken) {
attributes = ((JwtAuthenticationToken) authToken).getTokenAttributes();
} else {
throw new IllegalArgumentException(“AuthenticationToken is not OAuth2 or JWT!”);
}
User user = getUser(attributes);
user.setAuthorities(authToken.getAuthorities().stream()
.map(GrantedAuthority::getAuthority)
.map(authority -> {
Authority auth = new Authority();
auth.setName(authority);
return auth;
})
.collect(Collectors.toSet()));
return new UserDTO(syncUserWithIdP(attributes, user));
}
We do this because Spring Security’s AbstractAuthenticationToken is the parent of both types of tokens (OAuth2AuthenticationToken for oauth2Login() and JwtAuthenticationToken for oauth2ResourceServer()).
Hope this helps!
Javier Arroyo
Yep definitely helped the first snippet did the trick for me i.e.:
@GetMapping("/")
public String index(@AuthenticationPrincipal Jwt jwt) {
return String.format(“Hello, %s!”, jwt.getSubject());
}