Redirect Issue in Spring Security OAuth2 Login Flow

You can use the Okta Spring Boot starter to simplify your configuration a bit. It expects you to create an Auth0 tenant with a redirect URI that ends in okta instead of auth0.

Here’s an example with the Auth0 CLI:

auth0 apps create \
  --name "Spring Boot" \
  --description "Spring Boot Example" \
  --type regular \
  --callbacks http://localhost:8080/login/oauth2/code/okta \
  --logout-urls http://localhost:8080 \
  --reveal-secrets

Then, configure things as follows in your application.yaml:

okta:
  oauth2:
    issuer: https://<your-auth0-domain>/
    client-id: <client-id>
    client-secret: <client-secret>

You don’t need any security configuration for this to work since it already has some defaults specified. Your controller can be simplified to the following:

import java.util.HashMap;
import java.util.Map;

import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class HomeController {

    // With the Okta starter's defaults every request must be authenticated,
    // so the OIDC principal is normally populated by the time this runs.
    @GetMapping("/secured")
    public Map<String, Object> getSecuredData(@AuthenticationPrincipal OidcUser principal) {
        Map<String, Object> securedData = new HashMap<>();
        if (principal != null) {
            securedData.put("user", principal.getName());
            securedData.put("claims", principal.getClaims());
        } else {
            securedData.put("error", "User not authenticated");
        }
        return securedData;
    }

}

Then, start your app and access http://localhost:8080/secured. You’ll be redirected to log in, then back to your app and its /secured endpoint.

We also have an Authentication in Spring Boot lab you might find useful.
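A quick way to confirm that the app's redirect behaviour lines up with the callback registered in Auth0 is a Spring Boot test, added here as an example (it is not part of the original post or of the Okta starter). It assumes the application.yaml above is on the test classpath, the issuer is reachable when the context starts, and spring-boot-starter-test plus spring-security-test are on the classpath; the class and method names are hypothetical.

```java
import static org.assertj.core.api.Assertions.assertThat;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrlPattern;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;

import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver;
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
import org.springframework.test.web.servlet.MockMvc;

@SpringBootTest
@AutoConfigureMockMvc
class OktaRedirectTest { // hypothetical test class

    @Autowired MockMvc mvc;
    @Autowired ClientRegistrationRepository registrations;

    // With a single client registration, Spring Security sends anonymous
    // requests straight to /oauth2/authorization/{registrationId}.
    @Test
    void anonymousRequestIsRedirectedToOktaAuthorization() throws Exception {
        mvc.perform(get("/secured"))
           .andExpect(status().is3xxRedirection())
           .andExpect(redirectedUrlPattern("**/oauth2/authorization/okta"));
    }

    // Resolve the authorization request the way the login filter does and check
    // that the redirect_uri it will send matches the callback registered in Auth0.
    @Test
    void redirectUriMatchesCallbackRegisteredInAuth0() {
        DefaultOAuth2AuthorizationRequestResolver resolver =
            new DefaultOAuth2AuthorizationRequestResolver(registrations, "/oauth2/authorization");
        MockHttpServletRequest request = new MockHttpServletRequest("GET", "/oauth2/authorization/okta");
        request.setServletPath("/oauth2/authorization/okta");
        request.setServerPort(8080); // the port the app listens on locally

        OAuth2AuthorizationRequest authRequest = resolver.resolve(request);

        assertThat(authRequest).isNotNull();
        assertThat(authRequest.getRedirectUri())
            .isEqualTo("http://localhost:8080/login/oauth2/code/okta");
    }
}
```

If the second test fails, the value it prints is the redirect_uri Auth0 will actually receive, which is the first thing to compare against the callbacks list of the Auth0 application.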