This is a simple Spring Boot web application with a single secured home page at the / location, built with Thymeleaf templates. It demonstrates the OpenID Connect Authorization Code Flow with PKCE in a confidential client, using Auth0 as the identity provider.
Clone the repository:
git clone https://github.com/indiepopart/spring-web-pkce.git
Sign up at Auth0 and install the Auth0 CLI. Then in the command line run:
auth0 login
The command output will display a device confirmation code and open a browser session to activate the device.
Using the Auth0 CLI, register the web application as an authentication client for Auth0:
auth0 apps create \
  --name "Spring MVC" \
  --description "Spring Boot Webapp" \
  --type regular \
  --callbacks http://localhost:8080/login/oauth2/code/okta \
  --logout-urls http://localhost:8080 \
  --reveal-secrets
Copy application.yml.example to application.yml and fill in the values with your Auth0 client settings:
okta:
  oauth2:
    issuer: https://<your-auth0-domain>/
    client-id: <client-id>
    client-secret: <client-secret>
    post-logout-redirect-uri: http://localhost:8080
Run the application:
./gradlew bootRun
In your browser, open a private window and navigate to http://localhost:8080. You will be redirected to the Auth0 Universal Login page.
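To confirm that the redirect to Universal Login actually carries PKCE parameters, copy the authorization URL from the browser's network tab and check it. The script below is an added example, not part of the repository; the sample URL, tenant.example and the client_id value are constructed placeholders, and the verifier/challenge pair is the test vector from RFC 7636, Appendix B.

```python
import base64
import hashlib
import re
from urllib.parse import urlsplit, parse_qs

# Test vector from RFC 7636, Appendix B.
RFC_VERIFIER = "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk"
RFC_CHALLENGE = "E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM"

# Constructed sample redirect; tenant.example and the client_id are placeholders.
SAMPLE_REDIRECT = (
    "https://tenant.example/authorize?response_type=code&client_id=abc123"
    "&scope=openid%20profile%20email&state=Zx9kQ1&nonce=n-0S6_WzA2Mj"
    "&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Flogin%2Foauth2%2Fcode%2Fokta"
    "&code_challenge=" + RFC_CHALLENGE + "&code_challenge_method=S256"
)

def s256_challenge(verifier: str) -> str:
    """code_challenge = BASE64URL(SHA256(ASCII(code_verifier))), unpadded."""
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")

def check_authorization_redirect(url: str) -> list[str]:
    """Return the PKCE-related problems found in an authorization request URL."""
    params = {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}
    problems = []
    if params.get("response_type") != "code":
        problems.append("response_type is not 'code'")
    challenge = params.get("code_challenge", "")
    if not re.fullmatch(r"[A-Za-z0-9_-]{43}", challenge):
        problems.append("code_challenge missing or not a 43-char S256 value")
    if params.get("code_challenge_method") != "S256":
        problems.append("code_challenge_method is not S256")
    if not params.get("state"):
        problems.append("state missing")
    # The secret and the verifier belong to the back-channel token request only.
    for leaked in ("client_secret", "code_verifier"):
        if leaked in params:
            problems.append(leaked + " exposed in the front channel")
    return problems

if __name__ == "__main__":
    print(s256_challenge(RFC_VERIFIER) == RFC_CHALLENGE)
    print(check_authorization_redirect(SAMPLE_REDIRECT))
```

An empty list means the request uses the S256 method with a well-formed challenge and keeps the client secret and code verifier out of the browser-visible URL.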