Enterprise OAuth 2.0 - Using okta(1)

Okta Authorization Server

Okta setup and Endpoints

https://developer.okta.com/signup/

Custom Resource Server using Spring boot

https://developer.okta.com/docs/reference/api/authorization-servers/#authorization-server-object

https://dev-15955701-admin.okta.com/admin/oauth2/as

# Okta OAuth security setting. The access tokens are coming in as JWT tokens
spring.security.oauth2.resourceserver.jwt.jwk-set-uri: <PLACE OKTA ISSUER URL HERE FROM OKTA CONSOLE>/v1/keys

Deep Dive Resource Owner Password Grant Type

Create application client in Okta.

Test it on Postman.

============================================================

STEP 1: Construct a Token Request for username and password

============================================================

ENDPOINT =>

HTTP TYPE => POST

grant_type=

client_id=

client_secret= (NOT NEEDED)

username=

password=

scope=openid profile email offline_access fakebook.api.read fakebookapi.admin

============================================================

STEP 2: Send Token Request and extract Token

============================================================

=> use openid profile email offline_access

=> Okta returns JWT tokens

=> dissect token in jwt.io

=> Difference between the ID TOKEN and ACCESS TOKEN

============================================================

STEP 3: Send a FakeBookAPI request (Get All Books)

============================================================
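The three steps above, worked through in code as an added example (this is not code from the original post or from Okta). It assumes a constructed tenant issuer, client id and API base, builds the password-grant token request from Step 1 without a client_secret (the Okta app is a public client), decodes the tokens from a constructed /v1/token response the way jwt.io would for Step 2 (without verifying the signature; the Spring resource server does that against the jwk-set-uri), tells the ID token from the access token by its claims, and assembles the bearer request for Step 3 (the /books path is assumed):

```python
import base64
import json
from urllib.parse import urlencode

# Constructed placeholders for this example; not real tenant values.
OKTA_ISSUER = "https://dev-EXAMPLE.okta.com/oauth2/default"
CLIENT_ID = "0oaEXAMPLECLIENTID"
SCOPES = "openid profile email offline_access fakebook.api.read fakebookapi.admin"


def build_password_grant_request(issuer, client_id, username, password, scope=SCOPES):
    """Step 1: token request for the Resource Owner Password grant (RFC 6749 section 4.3).
    Okta's token endpoint is {issuer}/v1/token. No client_secret: the Okta app is public."""
    url = f"{issuer}/v1/token"
    headers = {"Content-Type": "application/x-www-form-urlencoded",
               "Accept": "application/json"}
    body = urlencode({"grant_type": "password", "client_id": client_id,
                      "username": username, "password": password, "scope": scope})
    return url, headers, body


def _b64url_decode(segment):
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _b64url_encode(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def decode_jwt_unverified(token):
    """Step 2: split a compact JWS and decode header and payload, as jwt.io does.
    The signature is NOT checked here; the Spring resource server verifies it
    against the keys published at {issuer}/v1/keys (the jwk-set-uri setting)."""
    header_b64, payload_b64, _signature = token.split(".")
    return json.loads(_b64url_decode(header_b64)), json.loads(_b64url_decode(payload_b64))


def token_kind(payload):
    """Heuristic for telling the two Okta tokens apart: the access token carries
    'scp' (granted scopes) and 'cid' (client id) and its 'aud' is the API audience;
    the ID token has no 'scp' and its 'aud' is the client_id, because it is meant
    for the client application, not for the resource server."""
    return "access" if "scp" in payload else "id"


def extract_tokens(token_response_json):
    """Step 2: pull the three tokens out of the JSON body returned by /v1/token."""
    data = json.loads(token_response_json)
    return data.get("access_token"), data.get("id_token"), data.get("refresh_token")


def build_books_request(api_base, access_token):
    """Step 3: the FakeBookAPI 'Get All Books' call. The /books path is assumed;
    only the bearer header matters to the resource server."""
    return f"{api_base}/books", {"Authorization": f"Bearer {access_token}",
                                 "Accept": "application/json"}


def make_sample_jwt(payload):
    """Build a CONSTRUCTED sample token so this runs offline. The header mimics
    Okta's RS256 tokens but the signature is a placeholder string, not a real one."""
    header = {"alg": "RS256", "kid": "constructed-kid"}
    return ".".join([_b64url_encode(json.dumps(header).encode()),
                     _b64url_encode(json.dumps(payload).encode()),
                     "constructedsignature"])


# Constructed token response shaped like Okta's /v1/token reply.
SAMPLE_TOKEN_RESPONSE = json.dumps({
    "token_type": "Bearer",
    "expires_in": 3600,
    "access_token": make_sample_jwt({
        "iss": OKTA_ISSUER, "aud": "api://default", "cid": CLIENT_ID,
        "sub": "alice@example.com", "scp": SCOPES.split(), "exp": 9999999999}),
    "id_token": make_sample_jwt({
        "iss": OKTA_ISSUER, "aud": CLIENT_ID, "sub": "00uEXAMPLEUSER",
        "email": "alice@example.com", "exp": 9999999999}),
    "refresh_token": "constructed-refresh-token",
    "scope": SCOPES,
})


if __name__ == "__main__":
    url, headers, body = build_password_grant_request(OKTA_ISSUER, CLIENT_ID, "alice@example.com", "secret")
    print("POST", url, body)
    access_token, id_token, _ = extract_tokens(SAMPLE_TOKEN_RESPONSE)
    for tok in (access_token, id_token):
        header, payload = decode_jwt_unverified(tok)
        print(token_kind(payload), header["alg"], json.dumps(payload))
    print(build_books_request("http://localhost:8080", access_token))
```

The scope string is sent space-separated and form-encoded, which is why Postman shows it as `openid+profile+...`; `offline_access` is what makes Okta return the refresh token alongside the access and ID tokens.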

posted @ 2021-04-24 16:55 晨风_Eric