okta/okta-spring-boot

Race condition between okta-spring-boot and spring-cloud-starter-vault

rhpereda opened this issue · 9 comments

Currently I'm working on a project that is integrated with Vault to get some data, including the audience, issuer and clientId used in okta.oauth2. I'm unable to do the Vault integration because the application always tries to fulfill the OktaOauth2Properties before configuring the Vault integration. I tried to create the OktaOauth2Properties as code, but that is not possible because it has a private constructor. Is there any way that I can make this work?
I'm using:

Thanks in advance.

@bdemers any suggestions on this one?

I can think of some options to try to solve this, but I'll have to try it out. I'll try to do it soon and get back to you...

@rhpereda It's been a minute since I've used Vault. Are you setting the Vault connection properties in a bootstrap.[yml|properties]?

Do you see the same problem with other Spring Cloud Config implementations?

I'm also using spring-cloud kafka and others from the spring-cloud package. But none of that is giving me problems. Just to clarify, the problem is that the issuer, the clientId and the clientSecret are stored in Vault, so the application needs to use the Vault integration to retrieve the secrets before setting up the Okta configuration.

@bdemers Would it be possible to change that class to allow extension?

@rhpereda, yes, that shouldn't be an issue 😄, but we would like to make sure things work out of the box too.
Any chance you can create a simple project that reproduces the issue?

I can do it, but I'll need a vault to connect to...

@rhpereda This blog post shows how to set up Vault locally. https://developer.okta.com/blog/2022/10/20/spring-vault

Closing this due to inactivity, feel free to reopen with comments if necessary.