AuthenticationClients.builder().build() doesn't work about okta-auth-java HOT 9 CLOSED

Correct, we don't have explicit support for the AuthenticationClient as starter/auto config.

Your best bet would be to inject the OktaClientProperties bean, something very similar to what you have now:

@Bean
public AuthenticationClient oktaAuthenticationClient(OktaClientProperties clientProperties) {
return AuthenticationClients.builder()
    .setOrgUrl(clientProperties.getOrgUrl())
    .build();
} 

NOTE: from memory, so there might be a typo

This is very similar to how the OktaSdkConfig class works for the management client.

There are a few other ways to configure the SDKs, but this option is most inline with a Spring configuration.

Keep us posted!

from okta-auth-java.

Alright !! Thanks .. It is working - I mean deployment went through. I yet have to use it in actual api call. I guess - it doesn't need API token unlike SDK Client to make those call - correct ?

from okta-auth-java.

Correct, the /authn API's do NOT need an API key

Thanks for following up!

from okta-auth-java.

Brian, quick follow-up question

How to get AuthenticationResponse object using this API, if I don't have id / pwd in my spring boot app. I do have Authentication Object in SecurityContext - which don't provide me id_token, which I need for logout URL configuration. Any help / guidance appreciated ..

from okta-auth-java.

@vekdeq
I’m not sure what you are asking, you mentioned an id_token? This library doesn’t handle OAuth flows. Are you asking about our Spring Boot Starter?

from okta-auth-java.

Yes, that's correct. We have a Spring Boot based app using Okta Spring Boot Starter, Okta-Java-SDK, Okta-Authn-Java API calls. We are looking to implement logout functionality - which includes killing app session as well as Okta session too. To kill Okta Session we need to need to implement Okta logout using https://YYYY.oktapreview.com/oauth2/v1/logout?id_token_hint=XXXX api call from Spring boot app. I guess this function is not provided as part of any of APIs and we need to make a get / post call to logout from our middleware (Spring boot app). How to get id_token for that call ? Is there any other way to logout ?

Thanks a bunch in advance

Vivek

from okta-auth-java.

@vekdeq
RP initiates logout is also part of the next Spring Security release. (This lib just sits on top of Spring Sec)
https://spring.io/blog/2019/04/16/spring-security-5-2-0-m2-released

from okta-auth-java.

Hi Brian,

Even after upgrading to Spring Security 5.2.0.M4 the logout is not clearing Okta session. I have updated this in Spring Security Issue as well as below;

We have spring boot based application(s) using Okta as IDP, using okta spring boot starter - which inject Spring Security 5.1.5. With some efforts, I was able to configure gradle script where in my WAR file now have Spring Security 5.2.0.M4 jars. I am still unable to clear / kill Okta Session - after hitting default logout url. It is configured as link (app/logout) on app's UI - so no XHR - just link. Am I missing anything ?

Please guide.

Vivek

from okta-auth-java.

@vekdeq Lets move your Spring related questions to okta/okta-spring-boot or for more general suggestions the Developer Forum

from okta-auth-java.