ivangfr / okta-springboot-react

The goal of this project is to implement an application where a user can manage (create/read/update/delete) jobs. For it, we will create: a backend Restful API called jobs-api and a frontend user interface called jobs-ui. Furthermore, we will use Okta to secure the complete application.

401 error while clicking on any job post #1

Closed ktaa13 closed 3 years ago

ktaa13 commented 3 years ago

I am getting a 401 HTTP error when I click any job post or any other link.

I logged in via OKTA successfully, but any other click on all links results in a 401.

image

ivangfr commented 3 years ago

Hi @ktaa13!

I've cloned and followed the steps described in the README and it's working for me, as we can see in the GIF below

jobs-portal-demo

Maybe, you have missed some step.

Try to open the Inspect in the browser and go to Application. Then, find Local Storage > http://localhost:3000 as shown in the picture below.

Screen Shot 2021-09-03 at 20 40 50

Check if you have values for idToken and accessToken.

If you have the accessToken, copy its value and go to https://jwt.io/

Paste the code there. Check if you have the JOBS_STAFF or JOBS_CUSTOMER group there as shown in the picture below

image

Let me know your findings.

ktaa13 commented 3 years ago

image

It seems that the group isn't being added to the JWT token, although the user has it in the Okta admin dashboard.

ivangfr commented 3 years ago

Looks like some missing configuration in Okta. Make sure you have followed the steps in README, mainly this one https://github.com/ivangfr/okta-springboot-react#assign-groups-to-application.

lefperuch commented 3 years ago

Hello there.

I decided to try this project and the same problem happened to me. The way I got around this was by following this guide, more specifically I added one claim.

  1. Go to Security > API
  2. On the Authorization Servers tab, select either default or whatever the server that you're using
  3. Claims > Add Claim
For Access Token: groups: matches regex .*

Then I can see the groups in my Token

{
  "ver": 1,
  "jti": "AT.kGXBS8lJ71jmgduf58ljuOMkPwU19QMdFcUqo1aBfQc",
  "iss": "<iss>",
  "aud": "api://default",
  "iat": 1633051155,
  "exp": 1633054755,
  "cid": "0oa22grgxbLJ7tEvK5d7",
  "uid": "00u22gs9e7KJPUiK35d7",
  "scp": [
    "openid",
    "profile",
    "email"
  ],
  "sub": "mario.bros@jobs.com",
  "groups": [
    "Everyone",
    "JOBS_STAFF"
  ]
}
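
The check discussed in this thread (decode the accessToken and look for the JOBS_STAFF or JOBS_CUSTOMER group) can be run locally in the browser console or Node instead of pasting the token into a website. This is an added example, not code from the project or from any commenter; `diagnoseAccessToken`, its reason strings and the sample tokens are constructed for illustration, and it only decodes the payload without verifying the signature.

```javascript
// Groups this thread expects to find in the access token.
const REQUIRED_GROUPS = ['JOBS_STAFF', 'JOBS_CUSTOMER'];

// Decode one base64url JWT segment into an object. No signature verification.
function decodeSegment(segment) {
  const b64 = segment.replace(/-/g, '+').replace(/_/g, '/');
  const padded = b64.padEnd(Math.ceil(b64.length / 4) * 4, '=');
  const bytes = Uint8Array.from(atob(padded), (c) => c.charCodeAt(0));
  return JSON.parse(new TextDecoder().decode(bytes));
}

// Hypothetical helper: report which of the thread's checks the token fails.
function diagnoseAccessToken(token, nowSeconds = Math.floor(Date.now() / 1000)) {
  const parts = String(token || '').split('.');
  if (parts.length !== 3) return { ok: false, reason: 'not-a-jwt' };
  let claims;
  try {
    claims = decodeSegment(parts[1]);
  } catch (e) {
    return { ok: false, reason: 'undecodable-payload' };
  }
  if (typeof claims.exp === 'number' && claims.exp <= nowSeconds) {
    return { ok: false, reason: 'expired', claims };
  }
  if (!Array.isArray(claims.groups)) {
    // The case in this thread: the authorization server emits no groups claim.
    return { ok: false, reason: 'groups-claim-missing', claims };
  }
  const matched = claims.groups.filter((g) => REQUIRED_GROUPS.includes(g));
  if (matched.length === 0) return { ok: false, reason: 'no-required-group', claims };
  return { ok: true, reason: 'ok', groups: matched, claims };
}

// Constructed sample tokens (fake signature), using claim values shown above.
function makeSampleToken(claims) {
  const enc = (o) =>
    btoa(JSON.stringify(o)).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'RS256' })}.${enc(claims)}.constructed-signature`;
}
const sampleClaims = { iss: '<iss>', aud: 'api://default', exp: 1633054755, sub: 'mario.bros@jobs.com' };
const SAMPLE_WITHOUT_GROUPS = makeSampleToken(sampleClaims);
const SAMPLE_WITH_GROUPS = makeSampleToken({ ...sampleClaims, groups: ['Everyone', 'JOBS_STAFF'] });

// Replace the sample with the accessToken value copied from Local Storage.
console.log(diagnoseAccessToken(SAMPLE_WITHOUT_GROUPS, 1633051155).reason);
console.log(diagnoseAccessToken(SAMPLE_WITH_GROUPS, 1633051155).reason);
```

A `groups-claim-missing` result points at the authorization server's claim configuration, while `no-required-group` points at the user's group assignment.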

ivangfr commented 3 years ago

Thanks @lefperuch for checking it out.

Indeed, I have those values in my Okta. Maybe, it's the key missing in my README in order to make it run smoothly.

I will update (as soon as possible) the README by adding the Security / API instructions.

@ktaa13 could you please try the steps suggested by @lefperuch

Best regards and sorry for the mistake!

ktaa13 commented 3 years ago

Dear @ivangfr & @lefperuch

Yes indeed it worked after I did the mentioned workaround. Thank you for your support!