Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Spring Security OIDC Demo
@Grab('spring-boot-starter-oauth2-client')
@RestController
class Application {
@GetMapping('/')
String home(java.security.Principal user) {
'Hello ' + user.name
}
}
@RestController
class HomeController {
@GetMapping("/")
public String hello(@AuthenticationPrincipal OidcUser user) {
return "Hello, " + user.getFullName();
}
}
@mraible
Copy link
Author

mraible commented Jan 16, 2020

OIDC QuickStart with Spring Security

For app.groovy to work, you'll need to:

  1. Register a Web app on Okta

  2. Set the Login redirect URI to http://localhost:8080/login/oauth2/code/okta

  3. Create an okta.env with the following settings.

     export SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_ISSUER_URI=https://dev-133320.okta.com/oauth2/default
     export SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OKTA_CLIENT_ID=0oa2i1c3qxrCrIk3C357
     export SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OKTA_CLIENT_SECRET=AGtxec_kUbR4VGo9JdWaI1lUbnnKbivMC6tIaj4a
    
  4. Run source okta.env, followed by spring run app.groovy. Navigate to http://localhost:8080 and you'll be prompted to log in. It will only show you the user's unique identifier.

Do More with Java

  1. To get their full name, create a new Spring Boot app with HTTPie and expand the downloaded zip file.

     http https://start.spring.io/starter.zip dependencies==okta,web javaVersion==11 -d
     unzip -d java-boot demo.zip
    
  2. Use the Okta Maven Plugin to create an Okta account and register a Spring Boot app.

     mvn com.okta:okta-maven-plugin:setup
    
  3. Start your app with ./mvnw spring-boot:run and go to http://localhost:8080. After logging in, your full name will be displayed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment