I have upgraded a Java web application from Spring Boot 2 to 3 and Spring Security to 6. I'm trying to use Okta to authenticate and I'm getting a 404 error on my localhost.

Following are the screenshots I got from the Okta dev account

Okta logs:

Property File

oauth2.authUri=https://dev-xxx.okta/oauth2/default/v1/authorize
oauth2.accessTokenUri=https://dev-xxx.okta/oauth2/default/v1/token
oauth2.userInfoUri=https://dev-xxx.okta/oauth2/v1/userInfo
oauth2.redirect_uri=http://localhost:8081/search
oauth2.clientId=xxx
oauth2.clientSecret=xxx
oauth2.scope=openid,profile,email
oauth2.authenticationScheme=header

ClientRegistrationRepository with the application prop

    @Bean
    public ClientRegistrationRepository clientRegistrationRepository() {
        ClientRegistration clientRegistration = ClientRegistration.withRegistrationId("okta")
                .clientId(clientId)
                .clientSecret(clientSecret)
                .clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
                .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
                .redirectUri(redirectUri)
                .scope(scope)
                .authorizationUri(authUri)
                .tokenUri(accessTokenUri)
                .userNameAttributeName("id")
                .build();

        return new InMemoryClientRegistrationRepository(clientRegistration);
    }

I'm invoking localhost:8081 and it's redirecting to https://dev-xxxx.okta/oauth2/default?response_type=code&client_id=xxx&scope=openid,profile,email&state=23DFGHYTRDX&redirect_uri=/search and I'm presented with a 404:

Am I missing something here? Does anyone have any idea about this?

asked Feb 12 at 6:03 by Dimuthu A
  • You added an answer with status for your question. If you follow the advice in my answer below, you can complete this with very little code. Here's an example in which you can apply my suggested config: github/danvega/spring-security-social-login BR – Roar S. Commented Feb 13 at 9:03

1 Answer

In Okta, register the following allowed redirect-URI: http://localhost:8081/login/oauth2/code/<client registration key>

Replace <client registration key> with your actual provider, e.g. "okta".

The redirect_uri in the redirect to Okta must match the redirect-URI in Okta.

For Okta, we can follow this part of the docs: OAuth2 Client Registration for Common Providers

For common OAuth2 and OpenID providers, including Google, Github, Facebook, and Okta, we provide a set of provider defaults (google, github, facebook, and okta, respectively).

If you do not need to customize these providers, you can set the provider attribute to the one for which you need to infer defaults. Also, if the key for the client registration matches a default supported provider, Spring Boot infers that as well.

and replace your code with this in application.yml.

spring:
  security:
    oauth2:
      client:
        registration:
          okta:
            client-id: xxx # replace this with actual client-ID
            client-secret: xxx # replace this with actual secret
        provider:
          okta:
            issuer-uri: https://dev-xxx.okta/oauth2/default # verify this
            user-name-attribute: id # default is "sub"

When looking into this old issue, it might be that you'll have to add client-name: Okta.

spring:
  security:
    oauth2:
      client:
        registration:
          okta:
            client-id: xxx
            client-secret: xxx
            client-name: Okta
        provider:
          okta:
            issuer-uri: https://dev-xxx.okta/oauth2/default
            user-name-attribute: id # default is "sub"

Properties-format

# replace this with actual client-ID
spring.security.oauth2.client.registration.okta.client-id=xxx
# replace this with actual secret
spring.security.oauth2.client.registration.okta.client-secret=xxx

spring.security.oauth2.client.provider.okta.issuer-uri=https://dev-xxx.okta/oauth2/default
# default is "sub"
spring.security.oauth2.client.provider.okta.user-name-attribute=id
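
As an added example (not part of the original answer and not Spring Security code), this JDK-only check inspects an authorization request URL for the points raised above: it must reach the authorize endpoint, carry the redirect_uri registered in Okta, and use space-delimited scopes. The class and method names are hypothetical, and the sample URL is constructed from the placeholders in the question.

```java
import java.net.URI;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
public class AuthRequestCheck { // hypothetical name, not from the page
    // Returns the problems found in an authorization-request URL.
    static List<String> check(String requestUrl, String authorizeEndpoint, String registeredRedirect) {
        List<String> problems = new ArrayList<>();
        URI uri = URI.create(requestUrl);
        // The request must reach the authorize endpoint itself, not the issuer base path.
        String target = uri.getScheme() + "://" + uri.getAuthority() + uri.getPath();
        if (!target.equals(authorizeEndpoint)) {
            problems.add("request goes to " + target + ", expected " + authorizeEndpoint);
        }
        Map<String, String> params = new HashMap<>();
        String query = uri.getRawQuery() == null ? "" : uri.getRawQuery();
        for (String pair : query.split("&")) {
            int eq = pair.indexOf('=');
            if (eq > 0) {
                params.put(pair.substring(0, eq),
                        URLDecoder.decode(pair.substring(eq + 1), StandardCharsets.UTF_8));
            }
        }
        String redirect = params.getOrDefault("redirect_uri", "");
        // Per the answer: redirect_uri must match the redirect-URI registered in Okta.
        if (!redirect.equals(registeredRedirect)) {
            problems.add("redirect_uri '" + redirect + "' is not the registered " + registeredRedirect);
        }
        if (!redirect.startsWith("http://") && !redirect.startsWith("https://")) {
            problems.add("redirect_uri is not an absolute URL");
        }
        // RFC 6749 section 3.3: scope values are space-delimited.
        if (params.getOrDefault("scope", "").contains(",")) {
            problems.add("scope is comma-separated instead of space-delimited");
        }
        return problems;
    }

    public static void main(String[] args) {
        // Constructed sample modelled on the redirect quoted in the question; placeholders kept.
        String observed = "https://dev-xxx.okta/oauth2/default?response_type=code&client_id=xxx"
                + "&scope=openid,profile,email&state=23DFGHYTRDX&redirect_uri=/search";
        check(observed, "https://dev-xxx.okta/oauth2/default/v1/authorize",
                "http://localhost:8081/login/oauth2/code/okta").forEach(System.out::println);
    }
}
```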
