I have a problem about opening the login page of okta through http://localhost:9090/authenticate/login
I already get a page with showing a message which named “Invalid Crediantials”
Even if I recreate an app in app many times, I couldn’t solve the issue.
How can I fix it?
Here is the okta script of application.yml
okta:
oauth2:
issuer: https://dev-54315943.okta.com/oauth2/default
audience: api://default
client-id: 0oa6s3zb19diYE0Fs5d7
client-secret: Et8NxudIRKlKSTpNPoF0uPkPgNzOuzLx0UGts08G
scopes: openid, email, profile, offline_access
Here is the controller for okta
@RestController
@RequestMapping("/authenticate")
@Slf4j
public class AuthController {
@GetMapping("/login")
public ResponseEntity<AuthenticationResponse> login(
@AuthenticationPrincipal OidcUser oidcUser,
Model model,
@RegisteredOAuth2AuthorizedClient("okta")
OAuth2AuthorizedClient client
) {
log.info("AuthController | login is called");
log.info("AuthController | login | client : " + client.toString());
AuthenticationResponse authenticationResponse = null;
try{
authenticationResponse
= AuthenticationResponse.builder()
.userId(oidcUser.getEmail())
.accessToken(client.getAccessToken().getTokenValue())
.refreshToken(client.getRefreshToken().getTokenValue())
.expiresAt(client.getAccessToken().getExpiresAt().getEpochSecond())
.authorityList(oidcUser.getAuthorities()
.stream()
.map(GrantedAuthority::getAuthority)
.collect(Collectors.toList()))
.build();
}catch (Exception e){
log.info("AuthController | login | error : " + e.getMessage());
}
return new ResponseEntity<>(authenticationResponse, HttpStatus.OK);
}
}
Here is the configuration of okta
@Configuration
@EnableWebFluxSecurity
public class OktaOAuth2WebSecurity {
@Bean
public SecurityWebFilterChain securityFilterChain(ServerHttpSecurity http) {
http
.authorizeExchange()
.anyExchange().authenticated()
.and()
.oauth2Login()
.and()
.oauth2ResourceServer()
.jwt();
return http.build();
}
}