Hello. I’m currently learning Okta auth, and I’m trying to use Okta on a simple Spring Boot App, but there are some nebulous details.
Following are some of the configurations I’ve done so far:
application.properties:
```properties
okta.oauth2.issuer=${OktaUri}/oauth2/default
okta.oauth2.client-id=${clientId}
okta.oauth2.client-secret=${clientSecret}
```
Configuration Adapter:
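```java
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
class OktaOAuth2WebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Require an authenticated user for every request
        http.authorizeRequests()
            .anyRequest().authenticated();
    }
}
```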
And a simple endpoint:
```java
...
@GetMapping(value = "/rewards")
public ResponseEntity<List<ResultDTO>> findAll(){
    return ResponseEntity.ok(resultService.findAll());
}
```
Lastly, my sign-in login conf on admin dashboard:
I’m running the server on http://localhost:8082, but there are two things that aren’t clear to me:
- When I access http://localhost:8082/oauth2/authorization/okta I receive a bad request (400) response.
  - That affects my request on Postman, for example, which redirects to:
    https://dev-8085748.okta.com/oauth2/default/v1/authorize?response_type=code&client_id=xxx&scope=profile%20email%20openid&state=xxx%3D&redirect_uri=http://localhost:8082/login/oauth2/code/okta&nonce=xxx

  As you can see, I have http://localhost:8082 in my sign-in settings. Am I missing something?
- If I configure a redirect_uri in the application.properties file (okta.oauth2.redirect-uri=https://dev-8085748.okta.com, for example) it doesn’t replace the redirect URI, but adds, resulting in that response:

Is that a bug, or is there a way to replace the redirect_uri completely? How can I set where to redirect?
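
An added example, not part of the original post or of Okta's code: a check that extracts `redirect_uri` from the authorize URL quoted above and compares it against the registered sign-in redirect URIs by exact string match, which is how OAuth 2.0 security guidance says an authorization server should validate it. The `REGISTERED` list is an assumption taken from the post's statement that http://localhost:8082 is in the sign-in settings; the function names are hypothetical.

```python
from urllib.parse import urlsplit, parse_qs

# Authorize URL copied from the post (client_id, state and nonce are redacted there).
AUTHORIZE_URL = (
    "https://dev-8085748.okta.com/oauth2/default/v1/authorize"
    "?response_type=code&client_id=xxx&scope=profile%20email%20openid"
    "&state=xxx%3D&redirect_uri=http://localhost:8082/login/oauth2/code/okta&nonce=xxx"
)

# Assumption: the only registered sign-in redirect URI, per the post's description.
REGISTERED = ["http://localhost:8082"]


def requested_redirect_uri(authorize_url):
    """Return the redirect_uri parameter of an authorization request, or None."""
    params = parse_qs(urlsplit(authorize_url).query)
    values = params.get("redirect_uri", [])
    # A request carrying the parameter zero or several times is ambiguous; reject it.
    if len(values) != 1:
        return None
    return values[0]


def check_redirect_uri(authorize_url, registered):
    """Exact string comparison: no prefix, host-only or trailing-slash matching."""
    uri = requested_redirect_uri(authorize_url)
    if uri is None:
        return (False, "missing or repeated redirect_uri")
    if uri in registered:
        return (True, uri)
    # Name the common near-miss so the mismatch is easy to spot.
    for reg in registered:
        if uri.startswith(reg.rstrip("/") + "/"):
            return (False, f"{uri!r} only shares a prefix with registered {reg!r}")
    return (False, f"{uri!r} is not registered")


if __name__ == "__main__":
    print(check_redirect_uri(AUTHORIZE_URL, REGISTERED))
```
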