solmaz-oskouie/okta-thymeleaf-security-example

Thymeleaf Security with WebFlux Example

Thymeleaf Security with WebFlux Example

This repository contains all the code for Thymeleaf Templates with Spring WebFlux to Secure Your Apps. This example illustrates how to protect functionality based on the user authorities and authentication status, and how to prevent CSRF attacks with Spring Security.

Prerequisites:

• HTTPie 3.0.2
• Java 11
• Okta CLI 0.10.0

Okta has Authentication and User Management APIs that reduce development time with instant-on, scalable user infrastructure. Okta's intuitive API and expert support make it easy for developers to authenticate, manage and secure users and roles in any application.

• Getting Started
• Links
• Help
• License

Getting started

To install this example, first clone this repository:

git clone https://github.com/oktadev/okta-thymeleaf-security-example.git thymeleaf-security

Configure Okta authentication

cd thymeleaf-security

With the Okta CLI, register for a free developer account:

okta register

Provide the required information. Once you complete the registration, create a client application with the following command:

okta apps create

You will be prompted to select the following options:

• Application name: thymeleaf-security
• Type of Application: Web
• Type of Application: Okta Spring Boot Starter
• Redirect URI: Default
• Post Logout Redirect URI: Default

The OktaCLI will create the client application and configure the issuer, clientId and client secret in src/main/resources/application.properties. Update the issuer, client-id, and client-secret in application.yml. Delete application.properties.

okta:
  oauth2:
    issuer: https://{yourOktaDomain}/oauth2/default
    client-id: {clientId}
    client-secret: {clientSecret}

Enable the scope quiz in your Okta authorization server

Sign in to the Okta Admin Console, and in the left menu, go to Security > API. Choose the default authorization server. In the Scopes tab, click Add Scope. Set the scope name as quiz and add a description, leave all the remaining fields with default values and click on Create.

Run with Maven

In the project root, generate the application container image with the following Maven command:

./mvnw spring-boot:run

Once the application is up, go to http://localhost:8080/ and sign in with your Okta credentials.

Links

This example uses the following open source libraries from Okta:

• Okta CLI
• Okta Spring Boot Starter

Help

Please post any questions as comments on the blog post, or visit our Okta Developer Forums.

License

Apache 2.0, see LICENSE.