
okta infinite error

a guest
Aug 1st, 2025
# OAuth 2.0 / OpenID Connect client registration named "okta" (Spring Security client properties).
spring.security.oauth2.client.registration.okta.client-id=myclientid
# Confidential credential; the value shown is a placeholder. Keep the real secret out of this file
# and out of version control: inject it from the environment or a secrets manager, for example
# ${OKTA_CLIENT_SECRET} (constructed variable name).
spring.security.oauth2.client.registration.okta.client-secret=myclisnrsecret
spring.security.oauth2.client.registration.okta.scope=openid,profile,email
# Must match, character for character, a sign-in redirect URI registered on the Okta application.
# Plain http is only appropriate for a localhost development setup.
spring.security.oauth2.client.registration.okta.redirect-uri=http://localhost:8080/login/oauth2/code/okta
# The issuer is also the trust anchor: provider metadata and signing keys are discovered from it.
spring.security.oauth2.client.provider.okta.issuer-uri=https://dev-XXXXXXXX.okta.com/oauth2/default

# Read by SecurityConfiguration (@Value) and used there as the single allowed CORS origin.
const.application.url=http://localhost:8080/
# Second copy of the same issuer / client id / secret / redirect URI under okta.oauth2.* keys.
# NOTE(review): these repeat the registration above, so the two sets can drift apart; keep one
# set or keep them in sync. The same handling rule applies to the client secret here.
# NOTE(review): if the Okta Spring Boot starter is on the classpath, confirm in its documentation
# whether okta.oauth2.redirect-uri expects a path relative to the application base URL rather
# than an absolute URL.
okta.oauth2.issuer=https://dev-XXXXXXXX.okta.com/oauth2/default
okta.oauth2.client-id=myclientid
okta.oauth2.client-secret=myclisnrsecret
okta.oauth2.redirect-uri=http://localhost:8080/login/oauth2/code/okta
  12.  
  13.  
  14. security config
  15.  
  16. package com.vlps.excelgenerator.security;
  17.  
  18.  
  19.  
  20. import com.vlps.excelgenerator.controller.LogoutHandler;
  21. import com.vlps.excelgenerator.validator.AudienceValidator;
  22. import org.springframework.beans.factory.annotation.Autowired;
  23. import org.springframework.beans.factory.annotation.Value;
  24. import org.springframework.context.annotation.Bean;
  25. import org.springframework.context.annotation.Configuration;
  26. import org.springframework.context.annotation.Lazy;
  27. import org.springframework.security.config.annotation.web.builders.HttpSecurity;
  28. import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
  29. import org.springframework.security.oauth2.client.registration.ClientRegistration;
  30. import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
  31. import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
  32. import org.springframework.security.oauth2.core.AuthorizationGrantType;
  33. import org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator;
  34. import org.springframework.security.oauth2.core.OAuth2TokenValidator;
  35. import org.springframework.security.oauth2.jwt.*;
  36. import org.springframework.security.web.SecurityFilterChain;
  37. import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
  38. import org.springframework.web.cors.CorsConfiguration;
  39. import org.springframework.web.cors.CorsConfigurationSource;
  40. import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
  41.  
  42. import java.util.Arrays;
  43.  
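/**
 * Spring Security configuration: every request requires an authenticated user, and users sign in
 * through the OAuth 2.0 / OpenID Connect login flow ({@code oauth2Login}).
 *
 * <p>The class also publishes a CORS policy limited to the application's own URL and a
 * {@link JwtDecoder} that checks issuer and audience.
 */
@EnableWebSecurity
@Configuration
public class SecurityConfiguration {

    /** Base URL of this application; the only origin the CORS policy below accepts. */
    @Value("${const.application.url}")
    private String applicationURL;

    /**
     * Token issuer. Bound to the same property the rest of the configuration uses instead of a
     * second hard-coded copy, so the decoder cannot silently trust a different issuer than the
     * one the client registration points at.
     */
    @Value("${okta.oauth2.issuer}")
    private String issuer;

    /**
     * Expected {@code aud} value. The original hard-coded the client id here, so it is bound to
     * the client-id property.
     * NOTE(review): confirm this matches the {@code aud} claim of the tokens actually validated
     * by {@link #jwtDecoder()}; access tokens may carry a different audience than ID tokens.
     */
    @Value("${okta.oauth2.client-id}")
    private String audience;

    /**
     * Builds the CORS policy applied to every path.
     *
     * @return a source that maps {@code /**} to a credentialed, single-origin policy
     */
    @Bean
    CorsConfigurationSource corsConfigurationSource() {
        CorsConfiguration cors = new CorsConfiguration();
        // Credentialed requests (cookies / Authorization header) are allowed, so the origin list
        // is one explicit origin rather than a wildcard.
        cors.setAllowCredentials(true);
        cors.setAllowedOrigins(Arrays.asList(applicationURL));
        // Allowed *request* headers. The Access-Control-* names are response headers; listing
        // them only matters if a client sends them. The duplicated entry was removed.
        cors.setAllowedHeaders(Arrays.asList("Origin", "Access-Control-Allow-Origin", "Content-Type", "Accept",
                "Authorization", "Access-Control-Allow-Credentials"));
        // Every HTTP method is allowed cross-origin; narrow this if only some are needed.
        cors.setAllowedMethods(Arrays.asList("*"));

        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", cors);
        // NOTE(review): the filter chain below never calls http.cors(...). Whether this bean is
        // picked up automatically depends on the Spring Security version in use - confirm.
        return source;
    }

    /**
     * Defines the HTTP security filter chain: all requests need authentication and
     * unauthenticated users are sent through the OAuth 2.0 login flow.
     *
     * @param http the security builder supplied by Spring
     * @return the built filter chain
     * @throws Exception if the chain cannot be built
     */
    @Bean
    protected SecurityFilterChain configure(HttpSecurity http) throws Exception {
        http
                .authorizeHttpRequests(requests -> requests
                        // Both explicit matchers are already covered by anyRequest() below.
                        // "/api/*" matches a single path segment only, so deeper API paths rely
                        // on the catch-all rule; keep it last and keep it authenticated.
                        .requestMatchers("/").authenticated()
                        .requestMatchers("/api/*").authenticated()
                        .anyRequest().authenticated())
                // Lambda form with default settings; the no-argument oauth2Login() is deprecated
                // in recent Spring Security 6 releases.
                .oauth2Login(login -> { });
        return http.build();
    }

    /**
     * Creates a JWT decoder that discovers its signing keys from the issuer's OIDC metadata and
     * rejects tokens whose issuer or audience does not match.
     *
     * <p>NOTE(review): the filter chain in this class enables only {@code oauth2Login()}; no
     * resource-server (bearer token) support is configured here, so nothing visible in this
     * class routes tokens through this decoder. Confirm where it is meant to be used.
     *
     * @return the configured decoder
     */
    @Bean
    public JwtDecoder jwtDecoder() {
        // Fetches provider metadata from the issuer at startup.
        NimbusJwtDecoder jwtDecoder = (NimbusJwtDecoder) JwtDecoders.fromOidcIssuerLocation(issuer);

        // AudienceValidator is a project class not shown here; presumably it rejects tokens whose
        // aud claim lacks the expected value - verify its implementation.
        OAuth2TokenValidator<Jwt> audienceValidator = new AudienceValidator(audience);
        OAuth2TokenValidator<Jwt> withIssuer = JwtValidators.createDefaultWithIssuer(issuer);
        // Both validators must pass: the default checks plus issuer, then audience.
        OAuth2TokenValidator<Jwt> withAudience =
                new DelegatingOAuth2TokenValidator<>(withIssuer, audienceValidator);

        jwtDecoder.setJwtValidator(withAudience);
        return jwtDecoder;
    }
}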
  101.  
  102. Okta developer account sign-in redirect URI: http://localhost:8080/login/oauth2/code/okta
  103.  