Hi,
I am implementing OIDC in my non-spring boot application. Below is my configuration for my OIDC client and I am trying to get the OAuth2AuthorizedClient from the OAuth2AuthorizedClientService, I am getting null. Basically the OAuth2AuthorizedClientService is not registering the client principal.
I was getting redirect to okta login page and getting redirected to my controller method after authentication with okta…
@Configuration
@EnableWebSecurity
@EnableOAuth2Client
public class ClientSecurityConfigurer extends WebSecurityConfigurerAdapter{
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/index/4_0/**")
.authenticated()
.antMatchers("/okta_login")
.permitAll()
.anyRequest()
.authenticated()
.and()
.oauth2Login()
.loginPage("/okta_login")
.clientRegistrationRepository(oktaRegistrationRepository())
.authorizedClientService(authorizedClientService());
}
@Bean
public OAuth2AuthorizedClientService authorizedClientService() {
return new InMemoryOAuth2AuthorizedClientService(oktaRegistrationRepository());
}
@Bean
public ClientRegistrationRepository oktaRegistrationRepository() {
return new InMemoryClientRegistrationRepository(this.oktaClientRegistration());
}
private ClientRegistration oktaClientRegistration() {
return ClientRegistration.withRegistrationId("okta").clientId("client id *********")
.clientSecret("client secret ********")
.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.redirectUriTemplate("http://localhost:9088/myApp/login/oauth2/code/okta")
.scope("openid", "profile", "email", "address", "phone")
.authorizationUri("https://myorg.oktapreview.com/oauth2/default/v1/authorize")
.tokenUri("https://myorg.oktapreview.com/oauth2/default/v1/token")
.userInfoUri("https://myorg.oktapreview.com/oauth2/default/v1/userinfo")
.userNameAttributeName(IdTokenClaimNames.SUB)
.jwkSetUri("https://myorg.oktapreview.com/oauth2/default/v1/keys").clientName("Okta")
.build();
}
}
initializer:
public class ClientSecurityInitializer extends AbstractSecurityWebApplicationInitializer {
public ClientSecurityInitializer() {
super(ClientSecurityConfigurer.class);
}
}
okta login page:
@Controller
public class LoginController {
@RequestMapping(value="/okta_login")
public String oktaLogin(){
return "redirect:/oauth2/authorization/okta";
}
}
my app controller:
@Controller
@RequestMapping("/index/4_0")
public class ClientController_4_0 {
@Autowired
private OAuth2AuthorizedClientService authorizedClientService;
@RequestMapping(value = "/client", method = RequestMethod.GET)
private String getIndex(Model model, HttpServletRequest req, OAuth2AuthenticationToken authentication) {
OAuth2AuthorizedClient authorizedClient = this.getAuthorizedClient(authentication);
OAuth2AccessToken token = (OAuth2AccessToken) authorizedClient.getAccessToken();
String tokenValue = token.getValue();
return "v4_0/client";
}
private OAuth2AuthorizedClient getAuthorizedClient(OAuth2AuthenticationToken authentication) {
return this.authorizedClientService.loadAuthorizedClient(
authentication.getAuthorizedClientRegistrationId(), authentication.getName());
}
}
i am getting null here
OAuth2AuthorizedClient authorizedClient = this.getAuthorizedClient(authentication);
I autowired the OAuth2AuthorizedClientService , where the auhtorizedClients were null, but the clientRegistrationRepository is getting loaded, as I loaded it from configuration… guess after authenticated, the client principal is not getting loaded as authorizedClients…
not sure of where I am doing wrong…any suggestion would greatly appreciated.