I am configuring a REST app as a resource server. So following your blog/articles, I have integration with Okta working for a POC REST app, using Spring Boot 2.0.5 (w spring security 5.0.8), okta-spring-boot-starter 0.6.0, and spring-security-oauth2-autoconfigure 2.0.5. That’s what your example article is using, and I can get an access token from my okta developer auth service, and authenticate to the REST app with it, and everything works great.
I have to configure the https proxy host and port for the JVM, e.g. https.proxyHost, https.proxyPort, without setting those, i get connection failures hitting the okta auth service.
I’ve copied the app, upgraded to Spring boot 2.2.x (with spring security 5.2.2) and okta-spring-boot-start 1.3.0, and get connection timeout trying to hit the openid config, e.g. https://dev-nnnnnn.okta.com/oauth2/default/.well-known/openid-configuration
Caused by: org.springframework.web.client.ResourceAccessException: I/O error on GET request for “https://dev-nnnnnnn.okta.com/oauth2/default/.well-known/openid-configuration”: Connection timed out: connect; nested exception is java.net.ConnectException: Connection timed out: connect
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:748) ~[spring-web-5.2.5.RELEASE.jar:5.2.5.RELEASE]
at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:651) ~[spring-web-5.2.5.RELEASE.jar:5.2.5.RELEASE]
at org.springframework.security.oauth2.client.registration.ClientRegistrations.lambda$oidc$0(ClientRegistrations.java:147) ~[spring-security-oauth2-client-5.2.2.RELEASE.jar:5.2.2.RELEASE]
at org.springframework.security.oauth2.client.registration.ClientRegistrations.getBuilder(ClientRegistrations.java:192) ~[spring-security-oauth2-client-5.2.2.RELEASE.jar:5.2.2.RELEASE]
It has to be the proxy config, seems the jvm system properties aren’t getting honored, the way they were with the older versions of boot and spring security. I suspect I’ve got to provide httpsProxy config to the RestTemplate being used by Spring Security’s Client Registration, but can’t seem to get it to work. Have tried using a RestTemplateCustomizer.
Do you have any examples of how to configure the proxy with these newer versions of Spring Boot and Spring Security?