Build a Java REST API with Java EE and OIDC

This article shows you how to build a REST API with Java EE, run it on Apache TomEE, and secure it with JWT and OIDC.

Melvin Moses

Hi,

I have followed the procedures under the heading “Protect Your Java REST API with JWT Verifier”, but I got an error in the browser developer console. I think I have some issues with the filter procedures you mentioned. The error is like this: “Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://localhost:8080/good-beers. (Reason: CORS request did not succeed)”. Any help would be appreciated.

Matt Raible

Hello Melvin, it sounds like your CorsFilter isn’t getting invoked. Did you make sure and create a web.xml and add it? You might try comparing your code with the jwt-verifier branch on GitHub.

Melvin Moses

https://uploads.disquscdn.c…

Thanks Matt,
I have checked the GitHub code, but I got problems like “missing token ‘authorization’ in CORS header” and “Invalid value for ‘client_id’ parameter.” I have rechecked the client id parameter, but it is still the same. I’m uploading the developer console here. Please check.

Matt Raible

Did you change the code from GitHub to use your Okta tenant? The settings in the code on GitHub won’t work because I regularly delete apps on Okta after I post the code (as a security measure). The getting started instructions (or this blog post) will show you how to set up an app on Okta.
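The “missing token ‘authorization’ in CORS header” message quoted above is what a browser reports when the preflight response does not list Authorization in Access-Control-Allow-Headers. As an added example (not the article's or the GitHub repo's CorsFilter; the class name and allowed origin are assumptions), a servlet filter that answers the preflight itself and allows the header only for a trusted origin:

```java
import java.io.IOException;
import java.util.Collections;
import java.util.Set;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Hypothetical filter; map it in web.xml ahead of the token-checking filter.
public class ExampleCorsFilter implements Filter {

    // Assumption: the front end runs at this origin. List only origins you trust.
    private static final Set<String> ALLOWED_ORIGINS =
            Collections.singleton("http://localhost:3000");

    @Override
    public void init(FilterConfig config) { }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        String origin = request.getHeader("Origin");
        boolean allowed = origin != null && ALLOWED_ORIGINS.contains(origin);
        if (allowed) {
            // Echo the exact origin instead of "*", and tell caches the response varies by it.
            response.setHeader("Access-Control-Allow-Origin", origin);
            response.addHeader("Vary", "Origin");
            response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
            // Without "Authorization" here the browser refuses to send the bearer token.
            response.setHeader("Access-Control-Allow-Headers", "Authorization, Content-Type");
        }

        boolean preflight = "OPTIONS".equalsIgnoreCase(request.getMethod())
                && request.getHeader("Access-Control-Request-Method") != null;
        if (preflight) {
            // A preflight never carries the Authorization header, so answer it here
            // rather than passing it to a filter that rejects requests without a token.
            response.setStatus(allowed ? HttpServletResponse.SC_NO_CONTENT
                                       : HttpServletResponse.SC_FORBIDDEN);
            return;
        }
        chain.doFilter(request, response);
    }

    @Override
    public void destroy() { }
}
```

Filters mapped in web.xml run in the order their filter-mapping elements appear, so this one has to be declared before the filter that validates the JWT.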

Melvin Moses

Thanks Matt,
I think I have followed all your steps correctly. I have changed the clientId and issuer URL in JwtFilter and App.tsx to those of my app created in Okta. Is there anything that needs to change? Anyway, what I want is this: I have an application with AngularJS 1.2 as the front end and a Java REST web service and Spring 2 as the back end. Can you please direct me on how I can achieve SSO using Okta in this application?

Matt Raible

Setting the clientId and issuer URL in both the JwtFilter and App.tsx should be all you need to do. Unfortunately, we don’t have an AngularJS SDK. If you find an OIDC library for AngularJS, it’ll probably work with Okta. Another option would be to package your front end and back end code together in a single artifact and deploy them together. Deploy Your Secure Spring Boot + Angular PWA as a Single Artifact shows you how to do that.

Rahul Kumar

Hi,
I am trying to implement Okta SSO using Java Spring without Spring Boot.

I have gone through this article, and it is not working…

For example:
1) JwtFilter doesn’t contain logic to redirect to the login page if authorization is null. How does it work? In my case it keeps looping for some time, as the initial load fetches multiple .js files.

I tried using Spring Security, but it is not working, as I see a compilation error for SecurityConfiguration: the method below is defined twice without an overload.
    @Bean
    public ClientRegistrationRepository clientRegistrationRepository() {
        List<ClientRegistration> registrations = clients.stream()
            .map(this::getRegistration)
            .filter(Objects::nonNull)
            .collect(Collectors.toList());

        return new InMemoryClientRegistrationRepository(registrations);
    }

    @Bean
    public ClientRegistrationRepository clientRegistrationRepository() {
        ClientRegistration okta = getRegistration();
        return new InMemoryClientRegistrationRepository(okta);
    }

Matt Raible

Are you able to clone the Spring Security example and make that work?

    git clone -b spring-security https://github.com/oktadev/okta-java-ee-rest-api-example.git

The repo’s README has instructions on how to configure it to work with your Okta org.

Thaneshwar

Hi, I am getting a bad request https://uploads.disquscdn.c… error when I click Login on the React app, after setting up the back end with pac4j and the front end with React. I also added client_id, issure_id and domain, but maybe I am doing something wrong on the Okta side.

Matt Raible

When you get this error, it means that the redirect URIs in your app don’t match what you’re passing in. In this case, you’re passing in “http://localhost:3000/implicit/callback”. I can see it in your browser’s address bar. If you add this URL to your app’s redirect URIs, it should work.

Thaneshwar

Yes, now it’s working, thank you very much for the quick help.

Adrian Campanaro

https://uploads.disquscdn.c… I had a similar error
https://uploads.disquscdn.c…