Java client authentication

After using the Okta Java Authentication SDK to obtain a session token, how would I exchange this for ID tokens/access tokens? Am I going about this wrong for a native Java client application? This is NOT an application with a browser frontend. The server is accessed by API calls that we are trying to move to Okta for user management and JWT creation. What is the best way to go about this with Okta?

You would need to sign into the OIDC/OAuth application created in Okta to represent your native application. Something like that should give you some info - https://developer.okta.com/blog/2018/12/13/oauth-2-for-native-and-mobile-apps

My problem is the redirect that happens with the /authorize endpoint that is returning the auth code I need to give the /token endpoint. Do I need to create an API endpoint for that redirect and then just forward the code and state values back as a response to that redirect? I guess in doing that the initial request to the /authorize endpoint would return the code to me in the body. I was hoping that since this is a native desktop application I would not have to deal with the redirect. Thoughts?

Oh man, I wish I had some experience with native apps… But thinking out loud, I suppose that it should not be too different from an SPA. When an SPA is redirected to /callback with the code, it doesn’t really redirect the user to any site, it only captures this code and calls /token. I assume that it’s possible to do in the native app as well, no?

Sorry, man, haven’t had a chance to mess with native apps… yet… I hope 🙂

Did some research out of curiosity and recalled that a special URI is used for native clients. Check this section: https://github.com/openid/AppAuth-Android#capturing-the-authorization-redirect

It’s defined in this RFC https://tools.ietf.org/html/rfc8252

Yeah, saw that. That works on Android because it knows how to handle that redirect URL natively. Can’t use it outside of Android.

Have you checked 7.3 in the RFC? It’s about desktop.

Huh… Missed that. That is an interesting trick. I’ll give it a try. Thanks for the info!
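The loopback redirect from RFC 8252 section 7.3 that the thread ends on, sketched for a desktop Java client as an added example (not code from any poster or from Okta). The `AUTHORIZE` URL, `CLIENT_ID`, `/callback` path and PKCE parameters are assumptions; the app must be registered with a matching loopback redirect URI.

```java
import com.sun.net.httpserver.HttpServer;
import java.net.*;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Base64;
import java.util.concurrent.*;

public class LoopbackAuthCode {
    // Placeholders (assumptions): use your own authorize endpoint and client id.
    static final String AUTHORIZE = "https://example.okta.com/oauth2/default/v1/authorize";
    static final String CLIENT_ID = "YOUR_CLIENT_ID";
    static final int PORT = 0; // 0 = ephemeral; set a fixed port if the server needs an exact redirect URI match
    static String b64(byte[] b) { return Base64.getUrlEncoder().withoutPadding().encodeToString(b); }
    static String rand() { byte[] b = new byte[32]; new SecureRandom().nextBytes(b); return b64(b); }
    static String enc(String s) { return URLEncoder.encode(s, StandardCharsets.UTF_8); }
    static String param(String query, String name) {
        for (String kv : (query == null ? "" : query).split("&")) {
            int i = kv.indexOf('=');
            if (i > 0 && kv.substring(0, i).equals(name))
                return URLDecoder.decode(kv.substring(i + 1), StandardCharsets.UTF_8);
        }
        return null;
    }

    public static void main(String[] args) throws Exception {
        String state = rand(), verifier = rand(); // CSRF token and PKCE code_verifier
        String challenge = b64(MessageDigest.getInstance("SHA-256").digest(verifier.getBytes(StandardCharsets.US_ASCII)));
        CompletableFuture<String> code = new CompletableFuture<>();
        // Listen on the loopback address only, never 0.0.0.0 (RFC 8252 section 7.3).
        HttpServer srv = HttpServer.create(new InetSocketAddress("127.0.0.1", PORT), 0);
        srv.createContext("/callback", ex -> {
            String q = ex.getRequestURI().getRawQuery(), gotCode = param(q, "code");
            // Ignore any request whose state does not match the one this run generated.
            boolean ok = gotCode != null && state.equals(param(q, "state"));
            byte[] body = (ok ? "Signed in, you can close this tab." : "Sign-in failed.").getBytes(StandardCharsets.UTF_8);
            ex.sendResponseHeaders(ok ? 200 : 400, body.length);
            ex.getResponseBody().write(body);
            ex.close();
            if (ok) code.complete(gotCode);
        });
        srv.start();
        String redirect = "http://127.0.0.1:" + srv.getAddress().getPort() + "/callback";
        System.out.println("Open in the system browser:\n" + AUTHORIZE + "?response_type=code&scope=openid"
                + "&client_id=" + enc(CLIENT_ID) + "&redirect_uri=" + enc(redirect) + "&state=" + state
                + "&code_challenge_method=S256&code_challenge=" + challenge);
        try { // next step (not shown): POST code, code_verifier and redirect_uri to /token
            System.out.println("Received code of length " + code.get(5, TimeUnit.MINUTES).length());
        } finally { srv.stop(0); }
    }
}
```

Requests with a missing or wrong `state` get a 400 and are otherwise ignored, so a stray local request cannot complete or abort the sign-in; the listener is stopped as soon as the code arrives or the wait times out.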
