Comments (3)
@danallen88 Thanks for posting!
The discovery of OIDC metadata from .well-known/openid-configuration
is done automatically by Spring OIDC client during the registration process and this behavior is embedded inside the Spring Security framework and Okta does not define it. There is no known documented way in Spring framework to bypass this.
For testing purposes, if you have concerns about public internet calls, you could mock the metadata, serve a static metadata by using a framework such as Wiremock. In fact, this SDK has such tests inside oauth2/src/test/
that you can use for reference.
Let me know if that helps!
from okta-spring-boot.
Thank you @arvindkrishnakumar-okta for confirming that there is no known documented way in Spring to bypass this, and thank you for pointing me to the tests that shows how Wiremock is used. Is this an example of such a test? https://github.com/okta/okta-spring-boot/blob/master/oauth2/src/test/groovy/com/okta/spring/boot/oauth/env/OktaOAuth2PropertiesMappingEnvironmentPostProcessorTest.groovy
from okta-spring-boot.
Sure, please take a look at tests in oauth2/src/test/groovy/com/okta/spring/boot/oauth/
.
from okta-spring-boot.
Related Issues (20)
- Application startup failure HOT 3
- Spring boot 3 HOT 3
- Custom JWT authentication converter is ignored HOT 5
- Public keys are not cached on the start up HOT 2
- How to disable Okta Login when running locally? HOT 2
- okta-spring-boot-starter 3.0.0 pulls in `javax` dependency; should pull in as `jakarta` HOT 8
- The redirect URI is invalid when using Spring WebFlux HOT 2
- Create authorities from Auth0 permissions claim HOT 2
- Bump okta.sdk.version from 8.2.3 to 10.x.x HOT 4
- Spring Boot 3.1 M2 not supported HOT 3
- No support for runtime-resolved OktaOAuth2Properties HOT 2
- Using this starter with Auth0 results in an opaque access token with `oauth2Login()` HOT 2
- How to resolve OKTA OIDC issue [access_denied] policy evaluation failed for this request please check the policy configurations HOT 2
- Default configuration causes pre-flight CORS request OPTIONS fail with HTTP 401 HOT 2
- Adding Spring HATEOAS to a project with Okta Boot Starter makes it fail to start
- From version 3.0.3, the application property resolution is broken when properties are loaded from Kubernetes ConfigMap HOT 2
- Update start.spring.io to allow usage with Spring Boot 3.2.0 HOT 1
- When getting exception from OKTA is being redirected to /login?error HOT 2
- Documentation uses "marked for removal" examples
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from okta-spring-boot.