I’m trying to implement self hosted sign-in widget - for web application - using authorization code flow- wrt GitHub - okta/okta-signin-widget: Okta SignIn widget that renders the new login/auth/recovery flows
I’ve used showSignInAndRedirect() option hoping okta would send the response back to the redirectURI.
On the java side, I’ve a controller which is mapped to the requestMapping with the redirectURI - so hoping it would get the control back with the authentication principal. However after the /authorization call where it sends back the code in the URL, I’m getting error [authorization_request_not_found].
Error screenshot
am I missing anything here? Any help is appreciated.
Code =
login.html page
In the head tag, have below
<link href="https://global.oktacdn.com/okta-signin-widget/5.3.1/css/okta-sign-in.min.css" type="text/css" rel="stylesheet"/>
and then in the script tag
var config = { el : '#sign-in-widget', baseUrl: /*[[${oktaBaseUrl}]]*/ 'https://{yourOktaDomain}',
//el: '#okta-login-container',
clientId: /*[[${oktaClientId}]]*/ '{clientId}',
redirectUri: /*[[${redirectUri}]]*/ '{redirectUri}',
authParams: {
issuer: /*[[${issuerUri}]]*/ '{issuerUri}',
pkce: false,
responseType: ['code'],
scopes: ['openid', 'email', 'profile'],
pkce: false
}
};
const oktaSignIn = new OktaSignIn(config);
oktaSignIn.showSignInAndRedirect();
</sc ript>
Controller java code
@GetMapping("/")
public ModelAndView login(Authentication principal,HttpServletRequest request,
HttpServletResponse response) throws MalformedURLException {
//Check the principal and do something here
}