This lab will help you learn how build a Spring Boot resource server that’s secured with OAuth 2.0, the Okta Spring Boot starter, and Spring Security.
1 Like
The lab was good, but I felt a touch more detail would have been welcome on the “conversation” of Oauth could have been provided, e.g., Redirect/Callback URLs.
The requirement for httpie felt … unnecessary. Sure, it’s sans-localhost forms are nice, but curl is almost a de facto, or expected, tool (and often already available). Provide examples for both, maybe the conciseness of the httpie examples will intrigue developers to consider it.
At first I didn’t get the gradle examples. Then it dawned on me that the Spring Initializr defaults to Gradle. So I just generated a Maven version. Maybe include an mvn example too, for example mvn spring-boot:run or ./mvnw spring-boot:run.
Thanks for the feedback, @javafueled! In this particular case, there isn’t much of a conversation other than downloading the JWKS and validating the access token with it. There is no redirect and callback because it’s not authentication; it’s authorization. I did link to our OAuth 2.0 docs in hopes that this would provide the necessary information if people are interested.
I appreciate your suggestions on using cURL and Maven. We have the ability to add tabs that show alternatives so that I can do HTTPie and cURL, Gradle and Maven, and Java and Kotlin. Would that work for you?
2 Likes
Hello, @javafueled. We’ve updated the lab to include cURL and Maven. Please have a look and let us know if you have any feedback!
2 Likes