Skip to content

Commit

Permalink
[SDK-4652] Spring Boot Login - Use Spring Boot 3 and Okta Spring Boot…
Browse files Browse the repository at this point in the history
… Starter (#10323)

* [SDK-4652] Spring Boot Login - Use Spring Boot 3 and Okta Spring Boot Starter

* Update articles/quickstart/webapp/java-spring-boot/01-login.md

Co-authored-by: Matt Raible <matt@raibledesigns.com>

---------

Co-authored-by: Matt Raible <matt@raibledesigns.com>
  • Loading branch information
jimmyjames and mraible authored Oct 26, 2023
1 parent 55b39eb commit 83976fd
Show file tree
Hide file tree
Showing 8 changed files with 187 additions and 303 deletions.
230 changes: 86 additions & 144 deletions articles/quickstart/webapp/java-spring-boot/01-login.md

Large diffs are not rendered by default.

21 changes: 5 additions & 16 deletions articles/quickstart/webapp/java-spring-boot/files/application.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,20 +3,9 @@ name: application.yml
language: yaml
---
```yaml
spring:
security:
oauth2:
client:
registration:
auth0:
client-id: ${account.clientId}
client-secret: YOUR_CLIENT_SECRET
scope:
- openid
- profile
- email
provider:
auth0:
# trailing slash is important!
issuer-uri: https://${account.namespace}/
okta:
oauth2:
issuer: https://${account.namespace}/
client-id: ${account.clientId}
client-secret: YOUR_CLIENT_SECRET
```
6 changes: 4 additions & 2 deletions articles/quickstart/webapp/java-spring-boot/files/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,14 +7,16 @@ language: html
<html lang="en" xmlns:th="http://www.thymeleaf.org" xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity5">
<body>
<div sec:authorize="!isAuthenticated()">
<a th:href="@{/oauth2/authorization/auth0}">Log In</a>
<a th:href="@{/oauth2/authorization/okta}">Log In</a>
</div>
<div sec:authorize="isAuthenticated()">
<p>You are logged in!</p>
<img th:src="<%= "${profile.get('picture')}" %>" th:attr="<%= "alt=${profile.get('name')}" %>"/>
<h2 th:text="<%= "${profile.get('name')}" %>"></h2>
<p th:text="<%= "${profile.get('email')}" %>"></p>
<a th:href="@{/logout}">Log Out</a>
<form name="logoutForm" th:action="@{/logout}" method="post">
<button type="submit" value="Log out"/>
</form>
</div>
</body>
</html>
Expand Down

This file was deleted.

Original file line number Diff line number Diff line change
Expand Up @@ -5,29 +5,51 @@ language: java
```java
package com.auth0.example;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.web.servlet.support.ServletUriComponentsBuilder;

import java.io.IOException;

import static org.springframework.security.config.Customizer.withDefaults;

@Configuration
@EnableWebSecurity
public class SecurityConfig {

private final LogoutHandler logoutHandler;
@Value("<%= "${okta.oauth2.issuer}" %>")
private String issuer;
@Value("<%= "${okta.oauth2.client-id}" %>")
private String clientId;

public SecurityConfig(LogoutHandler logoutHandler) {
this.logoutHandler = logoutHandler;
@Bean
public SecurityFilterChain configure(HttpSecurity http) throws Exception {
http
.authorizeHttpRequests(authorize -> authorize
.requestMatchers("/", "/images/**").permitAll()
.anyRequest().authenticated()
)
.oauth2Login(withDefaults())
.logout(logout -> logout
.addLogoutHandler(logoutHandler()));
return http.build();
}

@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
return http
.oauth2Login()
.and().logout()
.logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
.addLogoutHandler(logoutHandler)
.and().build();
private LogoutHandler logoutHandler() {
return (request, response, authentication) -> {
try {
String baseUrl = ServletUriComponentsBuilder.fromCurrentContextPath().build().toUriString();
response.sendRedirect(issuer + "v2/logout?client_id=" + clientId + "&returnTo=" + baseUrl);
} catch (IOException e) {
throw new RuntimeException(e);
}
};
}
}

```
Original file line number Diff line number Diff line change
Expand Up @@ -6,17 +6,25 @@ language: java
package com.auth0.example;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;

import static org.springframework.security.config.Customizer.withDefaults;

@Configuration
@EnableWebSecurity
public class SecurityConfig {

@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
return http.oauth2Login()
.and().build();
http
.authorizeHttpRequests(authorize -> authorize
.anyRequest().authenticated()
)
.oauth2Login(withDefaults());
return http.build();
}
}
```
7 changes: 5 additions & 2 deletions articles/quickstart/webapp/java-spring-boot/index.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,13 +21,16 @@ articles:
show_steps: true
hidden_articles:
- "interactive"
sdk:
name: Okta Spring Boot Starter
url: https://github.com/okta/okta-spring-boot/
logo: spring
github:
org: auth0-samples
repo: auth0-spring-boot-login-samples
branch: master
requirements:
- Java 8
- Gradle 6 or Maven 3
- Java 17
next_steps:
- path: 01-login
list:
Expand Down
Loading

0 comments on commit 83976fd

Please sign in to comment.