Authorization flow with PKCE.

ghost commented 4 years ago

Can you please show the Authorization flow with PKCE, it will be great.

bnasslahsen commented 4 years ago

Hi @anandjaisy,

In order to be able to make calls from the swagger-ui, you need to declare à new application in Okta as SPA:

https://developer.okta.com/blog/2019/08/22/okta-authjs-pkce

And then enable PKCE on swagger-ui, so the code_verifier is also sent. Here is the complete springdoc-openapi settings for that:

springdoc.swagger-ui.oauth.client-id=yourSPAClientId
springdoc.swagger-ui.oauth.additional-query-string-params.state=xyz
springdoc.swagger-ui.oauth.additional-query-string-params.nonce=abc
springdoc.swagger-ui.oauth.use-pkce-with-authorization-code-grant=true
springdoc.oAuthFlow.authorizationUrl=${okta.client.orgUrl}/oauth2/v1/authorize
springdoc.oAuthFlow.tokenUrl=${okta.client.orgUrl}/oauth2/v1/token

emmaLP commented 3 years ago

The link to the sample repo returns 404, please can you provide an updated link as I'm struggling to get this working with the latest spring boot (2.4.0) and okta

bnasslahsen commented 3 years ago

@emmaLP,

The repository seems to be deleted.

You can see the discussions here if it can help:

https://github.com/springdoc/springdoc-openapi/issues/715

We can ask @Raghuraman1 if he can still share the sample here.

springdoc / springdoc-openapi-demos

Authorization flow with PKCE. #21