Custom JWT authentication converter is ignored #508
Comments
When I use spring-boot-starter-oauth2-resource-server and remove the okta-spring-boot-starter dependency, it works as expected.
@Draudastic26 Thanks for posting! I'd like to understand a bit more about your use case and the need for a custom JWT Authentication Converter. The Okta Spring Boot starter provides a converter that automatically takes care of converting claims in tokens to authorities. Are you sure you are adding your custom JwtAuthenticationConverter bean to the SecurityChain in your oauth2ResourceServer config?
Our customer has their own Okta instance and the required info for our backend is just available in the id_token via the Okta userinfo endpoint. Also the authorities (RACF and AD groups) are just available in the id_token via custom claims. This setup is fixed and can't be configured. My idea was to convert the JWT into an extended version of the JwtAuthenticationToken with the required fields from the userinfo endpoint. With that, I could also use the handy @PreAuthorize annotation. Everything works as expected, but only with the spring-boot-starter-oauth2-resource-server dependency and not with this okta lib. The security chain looks like this:
EDIT: I use Kotlin
@Draudastic26 Can you please check if this is still an issue with 3.0.3?
Hi @arvindkrishnakumar-okta, I'm facing the same use case with the latest version and it still happens.
I encountered the same problem; for the custom converter, I stepped back to adopting Spring Security.
I'm submitting a
Background info
With okta-spring-boot-starter it is not possible to use a custom JwtAuthenticationConverter as described in this tutorial: https://www.baeldung.com/spring-security-map-authorities-jwt#using_custom_jwtauthenticationconverter
Expected behavior
A custom converter is used (Converter<Jwt, AbstractAuthenticationToken>).
What went wrong?
Configuration is ignored.
Steps to reproduce
See chapter 8 here: https://www.baeldung.com/spring-security-map-authorities-jwt#using_custom_jwtauthenticationconverter
SDK Version
Spring Boot: 2.7.5
okta-spring-boot-starter: 2.1.6
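
For readers following the thread, this is the kind of setup the issue describes with plain spring-boot-starter-oauth2-resource-server: a `Converter<Jwt, AbstractAuthenticationToken>` returning an extended `JwtAuthenticationToken`, registered explicitly on the filter chain. It is an added example, not the reporter's or the Okta project's code; the claim name `groups`, the `GROUP_` authority prefix and all class names are assumptions.

```kotlin
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.core.convert.converter.Converter
import org.springframework.security.authentication.AbstractAuthenticationToken
import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.core.GrantedAuthority
import org.springframework.security.core.authority.SimpleGrantedAuthority
import org.springframework.security.oauth2.jwt.Jwt
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken
import org.springframework.security.web.SecurityFilterChain

// Assumption: the custom claim that carries the group names is called "groups".
private const val GROUPS_CLAIM = "groups"

/** Hypothetical extended token; the extra field is reachable from @PreAuthorize expressions. */
class GroupAwareJwtAuthenticationToken(
    jwt: Jwt,
    authorities: Collection<GrantedAuthority>,
    val groups: List<String>,
) : JwtAuthenticationToken(jwt, authorities, jwt.subject)

class GroupClaimConverter : Converter<Jwt, AbstractAuthenticationToken> {
    override fun convert(jwt: Jwt): AbstractAuthenticationToken {
        // A token without the claim gets no authorities rather than failing conversion.
        val groups = jwt.getClaimAsStringList(GROUPS_CLAIM) ?: emptyList()
        val authorities = groups
            .filter { it.isNotBlank() }
            .map { SimpleGrantedAuthority("GROUP_$it") } // prefix is an assumption
        return GroupAwareJwtAuthenticationToken(jwt, authorities, groups)
    }
}

@Configuration
class ResourceServerConfig {
    @Bean
    fun filterChain(http: HttpSecurity): SecurityFilterChain {
        // Deny by default: every request needs a validated JWT.
        http.authorizeHttpRequests { it.anyRequest().authenticated() }
        // Register the converter explicitly instead of relying on bean discovery.
        http.oauth2ResourceServer { rs ->
            rs.jwt { it.jwtAuthenticationConverter(GroupClaimConverter()) }
        }
        return http.build()
    }
}
```

To check which converter actually ran, inspect the concrete type of `SecurityContextHolder.getContext().authentication` inside a secured endpoint: it should be `GroupAwareJwtAuthenticationToken`.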