Proxy for Spring Security for React + OIDC

Hello,

I followed the example here (https://developer.okta.com/blog/2018/07/19/simple-crud-react-and-spring-boot) to create a Spring + react application with my corporate okta issuer. Works fine when I am not connected to the corporate network.
When I am connected to the corporate network, I get the below error:

Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name ‘clientRegistrationRepository’ defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/client/servlet/OAuth2ClientRegistrationRepositoryConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository]: Factory method ‘clientRegistrationRepository’ threw exception; nested exception is java.lang.IllegalArgumentException: Unable to resolve Configuration with the provided Issuer of “<corporate.issuer.okta.com>”
Caused by: org.springframework.web.client.ResourceAccessException: I/O error on GET request for “https://amex.okta.com/.well-known/openid-configuration”: Operation timed out (Connection timed out); nested exception is java.net.ConnectException: Operation timed out (Connection timed out)

The application won’t even start up because of this connection issue. I have tried passing the corporate proxy in the VM Args

-Dhttp.proxyHost=proxy.corp.com -Dhttp.proxyPort=8080 -Dhttps.proxyHost=proxy.corp.com -Dhttps.proxyPort=8080

But it does not seem to take the proxy. When I am not connected to my corporate network, I am able to start the application and I am able to see the UI redirect to the okta login, etc.

How can I have spring security talk to Okta issuer through proxy?

Possibly your corporate proxy server requires a username and password also:

-Dhttps.proxyHost=host
-Dhttps.proxyPort=port
-Dhttps.proxyUser="user"
-Dhttps.proxyPassword="password"

You might also want to check and match your proxy settings/configuration that you have in browser.

Also, check if your corporate proxy is of socks type (you’ll have to use -Dsocks.proxyHost=host etc in that case).