How to Build a JavaFX Desktop App with OIDC Authentication

How to Build a JavaFX Desktop App with OIDC Authentication

This tutorial shows you how to add OAuth 2.0 authorization and OIDC authentication in a JavaFX desktop app.

Aÿaz Péraçhaa

HI Andrew,

Thanks for a fantastic tutorial. Bravo!!

I have one question. I am able to compile the code and run it.

My user agent is running but giving me a blank screen. I am unable to authenticate with OKTA (I verified my URL is OK, I copied and pasted it in Chrome and its working, the only issue is with user agent):
https://uploads.disquscdn.c…

Can you please give me some idea. Thanks

Matt Raible

I just tried running this example and it worked for me. The only thing that was difficult was I had to use “dev-133320.okta.com” as my oktaDomain in app.properties, with no prefix or suffix. I’m on a Mac though, and it looks like you’re on Windows. I’m guessing you’re using Oracle JDK 8 or the project wouldn’t even compile.

Pierre Tardy

Hello, two questions from a security point of view:

I understand that the redirect URL is localhost. How do you protect against Man in the middle in this case (we don’t control localhost)

How do you protect the secret key in your JFX app?

It looks like any hacker with access to my app will be able to generate a rogue app that steal users bearer token.

Matt Raible

Hello Pierre,

Your first question is a good one. You could try using 127.0.0.1 instead of localhost. In most cases, the end user controls localhost, so I’m not sure “we don’t control localhost” is accurate.

As far as the secret key - you should never distribute one with your app. It should be possible to use authorization code flow with PKCE so you don’t need a client secret. However, the Microsoft library used in this tutorial hasn’t been updated since 2018 so I doubt it supports PKCE.

Ernesto Ivan Contreras Navarro

Did you find the solution to this problem? I’m making a javaFx application that uses okta, but I still get a blank page just like you

Hi
Were you able to resolce this?..it works on Mac but not on Windows. Windows shows blank screen (no username password inputs)
Thanks

Hi Matt

That’s right, it does not work on Windows. I see blank screen with no user name and password field. Please do let me now if you have some feedback.

Thanks

I tried following the instructions and running it on my Mac. There are no username and password fields that show for me (in the app). It does redirect me to Okta to log in and I do see the tokens after this succeeds. Are you getting redirected to Okta?

My settings in app.properties:

oktaDomain=dev-17700857.okta.com
oktaClientId=0oa4u...
oktaClientSecret=97qZvM...

I tried it on Windows 10 (via Parallels) and I can see the issue. It redirects to Okta but doesn’t show the login form. I’m sorry, I don’t know how to fix this.

Has this been addressed or worked around anywhere? Adapting the example given to my own project continues to give a mostly-blank page without login fields when viewed on a Windows machine (in this case, I’m running with OpenJFX 11)

Hello @MattLeidholm,

As far as I know, this example will only work with Oracle’s Java 8.