Hello Team,
I am failing to retrieve custom claims in a REST controller method.
Project stack:
Spring Boot 2.x
Okta Spring Boot Starter 2.x
Client → ReactJS app
Server side → Spring Boot
Dev account:
https://dev-713382-admin.okta.com/
I followed this example to retrieve the JwtAuthenticationToken and Jwt, but from these references I am unable to retrieve the custom claims created for the SPA application. Moreover, my observation is that it is hit and miss: sometimes the custom attributes are populated, and most of the time they are not available.
My source code looks like this:
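import com.okta.spring.boot.oauth.Okta;
import org.springframework.boot.autoconfigure.security.SecurityProperties;
import org.springframework.boot.autoconfigure.security.servlet.PathRequest;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;

@Configuration
@EnableWebSecurity
@Order(SecurityProperties.BASIC_AUTH_ORDER)
public class WebSecurity extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.cors().and()
            //.and().csrf().disable()
            .authorizeRequests(authorize -> authorize
                .requestMatchers(PathRequest.toStaticResources().atCommonLocations()).permitAll()
                .anyRequest().authenticated()
            )
            // Validate incoming bearer tokens as JWTs
            .oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
        Okta.configureResourceServer401ResponseBody(http);
    }

    // The builder type is fully qualified because this class is itself named WebSecurity
    @Override
    public void configure(
            org.springframework.security.config.annotation.web.builders.WebSecurity web) throws Exception {
        web
            .ignoring()
            .antMatchers("/static/**");
    }
}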
@GetMapping("/test")
public ResponseEntity<String> getCliam(JwtAuthenticationToken token, @AuthenticationPrincipal Jwt jwt) {
    // Dump the attributes carried by the authentication token
    System.out.println("********************************************");
    token.getTokenAttributes().forEach((key, value) -> System.out.println(key + "---------" + value));
    System.out.println("********************************************");
    // Dump the claims of the decoded JWT principal
    System.out.println("******************JWT**************************");
    jwt.getClaims().forEach((key, value) -> System.out.println(key + "---------" + value));
    System.out.println("*******************JWT*************************");
    // Return a response so the method matches its declared return type
    return ResponseEntity.ok("ok");
}
Please correct me if my understanding is wrong, and kindly support me in resolving this issue.
Thank you,
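
Added example, not part of the original post: one way to narrow down the "hit and miss" behaviour is a controller that reports, per request, which expected custom claims are absent from the validated token, alongside the issuer, audience and timestamps, so that requests with and without the claims can be compared. The claim names `department` and `tenant_id`, the class name and the `/claims/diagnostics` path are hypothetical placeholders.

```java
import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;

import org.springframework.http.ResponseEntity;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class ClaimDiagnosticsController {

    // Hypothetical custom claim names; replace with the ones defined for the SPA
    private static final List<String> EXPECTED_CLAIMS =
            Arrays.asList("department", "tenant_id");

    // Hypothetical path; the endpoint stays behind anyRequest().authenticated()
    @GetMapping("/claims/diagnostics")
    public ResponseEntity<Map<String, Object>> diagnostics(@AuthenticationPrincipal Jwt jwt) {
        // Expected custom claims that the validated token does not carry
        List<String> missing = EXPECTED_CLAIMS.stream()
                .filter(name -> !jwt.containsClaim(name))
                .collect(Collectors.toList());

        // Report claim names only, not values, to keep token contents out of responses
        Map<String, Object> report = new LinkedHashMap<>();
        report.put("issuer", jwt.getClaimAsString("iss"));
        report.put("audience", jwt.getAudience());
        report.put("issuedAt", jwt.getIssuedAt());
        report.put("expiresAt", jwt.getExpiresAt());
        report.put("claimNames", jwt.getClaims().keySet());
        report.put("missingCustomClaims", missing);
        return ResponseEntity.ok(report);
    }
}
```

Comparing the reports from a request where the claims appear and one where they do not shows whether the two tokens differ in issuer, audience or issue time.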