Hope everyone is doing fine in their lives...
It has been a long time since I last visited this forum!
Javaranch has always been my go-to forum, rather than any other forum, for any Java-related issue, and I am happy to be back after such a long time!
I am currently working with the Quarkus framework, where I am creating an OIDC integration with Okta and am following the Authorization Code Flow.
Here are the complete details of the flow and where I am currently stuck:
1) Registered a web app integration with the Okta provider, from where we get details like clientId, clientSecret, clientName, Authorize Endpoint URL, UserInfo URL, Token URL.
It also consists of:
- Sign-in redirect URL, which is a login callback.
1) The user / user's browser agent sends a request to a REST endpoint, which redirects to an Authorize endpoint:
2) Authorize endpoint - the endpoint consists of 6 parameters
3) If the user is not signed in, Okta should send the login form or page to the user's browser, asking the user to enter user/password and give consent.
4) Once the user gives consent and the user is authenticated, it verifies the consent and returns "code" and "state" parameters.
5) The code is then exchanged with the Authorisation Server's token endpoint for an ID Token.
So the URL -> my authorise endpoint -> Okta authorise URL endpoint redirection happens smoothly.
Since the user is not authenticated, the Okta server should send me the Okta-enabled sign-in page for entering the credentials and user consent. It is not happening, and I am getting a 400 BadRequestException.
Can anybody help me get the above issue resolved?
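
Steps 2 and 4 of the flow above in plain Java, as an added example that is not part of the original post or of Quarkus/Okta code. The post does not list the six parameters, so this assumes the standard OIDC authorization-request set (client_id, response_type, scope, redirect_uri, state, nonce); the endpoint URL, client ID, redirect URI and all method names are constructed placeholders.

```java
import java.net.URI;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.stream.Collectors;

public class AuthorizeRequestExample {
    private static final SecureRandom RNG = new SecureRandom();

    // Unguessable value, used for state (CSRF protection) and nonce (ID token replay protection).
    static String randomToken() {
        byte[] b = new byte[32];
        RNG.nextBytes(b);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(b);
    }

    // Step 2: build the redirect target; every value is URL-encoded (assumed parameter set).
    static URI buildAuthorizeUri(String authorizeEndpoint, String clientId,
                                 String redirectUri, String state, String nonce) {
        Map<String, String> p = new LinkedHashMap<>();
        p.put("client_id", clientId);
        p.put("response_type", "code");
        p.put("scope", "openid profile");
        p.put("redirect_uri", redirectUri); // must equal the registered sign-in redirect URL
        p.put("state", state);
        p.put("nonce", nonce);
        String query = p.entrySet().stream()
            .map(e -> e.getKey() + "=" + URLEncoder.encode(e.getValue(), StandardCharsets.UTF_8))
            .collect(Collectors.joining("&"));
        return URI.create(authorizeEndpoint + "?" + query);
    }

    // Step 4: accept the callback only if state equals the value kept in the user's session.
    static boolean callbackStateMatches(String expectedState, String returnedState) {
        if (expectedState == null || returnedState == null) return false;
        return MessageDigest.isEqual(expectedState.getBytes(StandardCharsets.UTF_8),
                                     returnedState.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) {
        String state = randomToken(); // store in the session before redirecting
        URI uri = buildAuthorizeUri("https://idp.example.com/oauth2/v1/authorize", // placeholder
            "constructed-client-id", "http://localhost:8080/login/callback", state, randomToken());
        System.out.println(uri);
        System.out.println(callbackStateMatches(state, state));
        System.out.println(callbackStateMatches(state, "tampered"));
    }
}
```

Printing the generated URL and comparing each parameter against the values registered for the app integration shows exactly what the authorization server receives.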