Class Okta

java.lang.Object
com.okta.spring.boot.oauth.Okta

public final class Okta extends Object
Okta + Spring Security utility methods.
Since:
1.2.0
  • Method Summary

    Modifier and Type
    Method
    Description
    static org.springframework.security.config.annotation.web.builders.HttpSecurity
    configureOAuth2WithPkce(org.springframework.security.config.annotation.web.builders.HttpSecurity http, org.springframework.security.oauth2.client.registration.ClientRegistrationRepository clientRegistrationRepository)
    Configures the http with an OAuth2 Login that supports PKCE.
    static org.springframework.security.config.web.server.ServerHttpSecurity
    configureOAuth2WithPkce(org.springframework.security.config.web.server.ServerHttpSecurity http, org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository clientRegistrationRepository)
    Configures the http with an OAuth2 Login that supports PKCE.
    static org.springframework.security.config.annotation.web.builders.HttpSecurity
    configureResourceServer401ResponseBody(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
    Configures the http to return a NON-EMPTY response body if the client supports the Media Type text/plain.
    static org.springframework.security.config.web.server.ServerHttpSecurity
    configureResourceServer401ResponseBody(org.springframework.security.config.web.server.ServerHttpSecurity http)
    Configures the http to return a NON-EMPTY response body if the client supports the Media Type text/plain.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Method Details

    • configureResourceServer401ResponseBody

      public static org.springframework.security.config.web.server.ServerHttpSecurity configureResourceServer401ResponseBody(org.springframework.security.config.web.server.ServerHttpSecurity http)
      Configures the http to return a NON-EMPTY response body if the client supports the Media Type text/plain. This works around an issue with Chrome: when a response body is empty, Chrome shows a `This site can’t be reached` (ERR_INVALID_RESPONSE) error. The body content will contain the HTTP status and a simple message such as `401 Unauthorized`.
      Parameters:
      http - the ServerHttpSecurity to configure
      Returns:
      the http to allow method chaining
    • configureResourceServer401ResponseBody

      public static org.springframework.security.config.annotation.web.builders.HttpSecurity configureResourceServer401ResponseBody(org.springframework.security.config.annotation.web.builders.HttpSecurity http) throws Exception
      Configures the http to return a NON-EMPTY response body if the client supports the Media Type text/plain. This works around an issue with Chrome: when a response body is empty, Chrome shows a `This site can’t be reached` (ERR_INVALID_RESPONSE) error. The body content will contain the HTTP status and a simple message such as `401 Unauthorized`.
      Parameters:
      http - the HttpSecurity to configure
      Returns:
      the http to allow method chaining
      Throws:
      Exception
    • configureOAuth2WithPkce

      public static org.springframework.security.config.web.server.ServerHttpSecurity configureOAuth2WithPkce(org.springframework.security.config.web.server.ServerHttpSecurity http, org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository clientRegistrationRepository)
      Configures the http with an OAuth2 Login that supports PKCE. The default Spring Security implementation only enables PKCE for public clients.

      NOTE: Enabling PKCE will be required for all clients (public and confidential) in the future OAuth 2.1 spec.

      Parameters:
      http - the ServerHttpSecurity to configure
      clientRegistrationRepository - the repository bean; this should be injected into the calling method.
      Returns:
      the http to allow method chaining
    • configureOAuth2WithPkce

      public static org.springframework.security.config.annotation.web.builders.HttpSecurity configureOAuth2WithPkce(org.springframework.security.config.annotation.web.builders.HttpSecurity http, org.springframework.security.oauth2.client.registration.ClientRegistrationRepository clientRegistrationRepository) throws Exception
      Configures the http with an OAuth2 Login that supports PKCE. The default Spring Security implementation only enables PKCE for public clients.

      NOTE: Enabling PKCE will be required for all clients (public and confidential) in the future OAuth 2.1 spec.

      Parameters:
      http - the HttpSecurity to configure
      clientRegistrationRepository - the repository bean; this should be injected into the calling method.
      Returns:
      the http to allow method chaining
      Throws:
      Exception