Spring Boot application is not able to validate the token Returned from Okta

Rajeev · June 3, 2019, 9:53pm

Hi,
I have a SPA in React which is calling a Service (written in spring boot) passing the access token. In Spring boot service i have enabled Resource server (@EnableResourceServer) and added the property security.oauth2.resource.user-info-uri=https://dev-251759.okta.com/oauth2/default/v1/userinfo
But in spring boot its complains of invalid token and also there is timeout while connecting the user-info-uri. Please suggest what need to be done. Below is the logs of error.

2019-06-03 14:33:58 WARN o.s.b.a.s.o.r.UserInfoTokenServices - Could not fetch user details: class org.springframework.web.client.ResourceAccessException, I/O error on GET request for “https://dev-251759.okta.com/oauth2/default/v1/userinfo”: Connection timed out: connect; nested exception is java.net.ConnectException: Connection timed out: connect
2019-06-03 14:33:58 DEBUG o.s.b.a.s.o.r.UserInfoTokenServices - userinfo returned error: Could not fetch user details
2019-06-03 14:33:58 DEBUG o.s.s.o.p.a.OAuth2AuthenticationProcessingFilter - Authentication request failed: error=“invalid_token”, error_description=“eyJraWQiOiJOVndBanAxcS14TFFaUG5hRFRXZ0Y3WnFOcTRDaVlzcFBSamViVEJtQ2VBIiwiYWxnIjoiUlMyNTYifQ.eyJ2ZXIiOjEsImp0aSI6IkFULnpITGxHbVpHb01iU1FyRlRac0V2MFhxMXcwT2JoWkR5ZGQwN2VzR21ka2ciLCJpc3MiOiJodHRwczovL2Rldi0yNTE3NTkub2t0YS5jb20vb2F1dGgyL2RlZmF1bHQiLCJhdWQiOiJhcGk6Ly9kZWZhdWx0IiwiaWF0IjoxNTU5NTk3Mzg0LCJleHAiOjE1NTk2ODM3ODQsImNpZCI6IjBvYW4wcDEyanlMMkNLS2ZmMzU2IiwidWlkIjoiMDB1bjBsa3Y4MkV6RnJZRkUzNTYiLCJzY3AiOlsicHJvZmlsZSIsImVtYWlsIiwib3BlbmlkIl0sInN1YiI6ImRhdmlkaGNtZXhAZ21haWwuY29tIn0.DE3rhRvNP4hUxzFgHpqFToagKAgy8qWIfqp1EqnPsss7TaCIA_ZKyY2XPpPaiougvGdIBFwzSiqEbMok86J34CaeWJbSf21KA3Dcl8TrZfRTinCdD63s08BAEJi9I30eCcrCMq22GVLWW-c-TE5Jk1yIlo98jyoZq52ytv2kG3zuSqYtdNtv46CqfrmcY4t6sxv4F2qEYuoyCy5WH7fB_PvuqIlbfVPYrlPKHURMfLgRY6MzPxRyOn5ajdIsxOPYcnCTPyObtyUAkwGBL2vAUKDk60mkTU-_oYaWuw-v38G0-MFCWRqTbrfXbCygHxy-3P3_Cdfk7QSH5DnJyDAU3w”
2019-06-03 14:33:58 DEBUG o.s.s.w.h.writers.HstsHeaderWriter - Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@54be30ae

mraible · June 4, 2019, 8:22am

It looks like your outbound connection to Okta is timing out. Or it could be blocked by your firewall. Or maybe you have a proxy that needs to be configured?

Rajeev · June 4, 2019, 6:24pm

Thanks @mraible. I am able to invoke the URL “https://dev-251759.okta.com/oauth2/default/v1/userinfo” with token using postman. but failing to do it using spring boot service. Can you point me what to look for?

bdemers · June 4, 2019, 7:03pm

Hey @Rajeev!

Couple questions, which version of Spring Security (or Spring Boot) are you using?
Where is your server located? Are you on a corporate network? Do they have any firewalls or smart network virus scanners?

Rajeev · June 4, 2019, 7:43pm

@bdemers I am using below dependency. The problem is solved, its proxy problem. thanks @mraible and @bdemers for your help.

org.springframework.security.oauth
spring-security-oauth2
2.2.0.RELEASE

bdemers · June 4, 2019, 8:03pm

Thanks @Rajeev for following up!

system · January 17, 2024, 11:38pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Post		Replies	Views
How to validate access token from java Questions	4	4957	March 4, 2019
Okta server side token validation in OIDC Questions	4	3702	April 7, 2020
OKTA integration with Spring Boot project OAuth/OIDC spring , java	10	8530	November 10, 2017
Invalid token / Invalid Signature OAuth/OIDC spring , boot	15	11276	January 12, 2024
Unable to obtain new access token for resource 'null' Questions	4	7269	September 20, 2019

Spring Boot application is not able to validate the token Returned from Okta

Related topics