Merge pull request #2 from oktadev/spring-boot-2.7.4

Upgrade to Spring Boot 2.7.4

README.md

@@ -2,9 +2,15 @@
 
 This repository contains all the code for testing a Spring Cloud Configuration Server using Vault as backend, and a demo client application with Okta OIDC authentication.
 
-Please read [Secure Secrets With Spring Cloud Config and Vault](https://developer.okta.com/blog/2020/05/04/spring-vault) to see how this app was created.
+Please read [Secure Secrets With Spring Cloud Config and Vault](https://developer.okta.com/blog/2022/10/20/spring-vault) to see how this app was created.
 
-**Prerequisites**: [Java 8](https://adoptopenjdk.net/)+ and [Docker](https://docs.docker.com/engine/install/).
+**Prerequisites:**
+
+- [Java OpenJDK 17](https://jdk.java.net/java-se-ri/17)
+- [Okta CLI 0.10.0](https://cli.okta.com)
+- [Docker 20.10.12](https://docs.docker.com/engine/install/)
+- [HTTPie 3.2.1](https://httpie.io/docs/cli/installation)
+- [Vault 1.12.0](https://hub.docker.com/_/vault)
 
 > [Okta](https://developer.okta.com/) has Authentication and User Management APIs that reduce development time with instant-on, scalable user infrastructure. Okta's intuitive API and expert support make it easy for developers to authenticate, manage, and secure users and roles in any application.
 
@@ -18,44 +24,74 @@ Please read [Secure Secrets With Spring Cloud Config and Vault](https://develope
 To install this example, run the following commands:
 
 ```bash
-git clone https://github.com/oktadeveloper/okta-spring-vault-example.git
+git clone https://github.com/oktadev/okta-spring-vault-example.git
 ```
 
 ## Create the OIDC Application in Okta
 
-For the Okta authentication set up, register for a [free developer account](https://developer.okta.com/signup/). After you log in, go to **API** > **Authorization Servers** and copy your Issuer URI into a text editor.
+Open a command line session at the root of `vault-demo-app`.
+
+Before you begin, you’ll need a free Okta developer account. Install the [Okta CLI](https://cli.okta.com/) and run `okta register` to sign up for a new account. If you already have an account, run `okta login`. Then, run `okta apps create`. Select the default app name, or change it as you see fit. Choose **Web** and press **Enter**.
+
+Select **Okta Spring Boot Starter**. Accept the default Redirect URI values provided for you. That is, a Login Redirect of `http://localhost:8080/login/oauth2/code/okta` and a Logout Redirect of `http://localhost:8080`.
+
+<p>
+<details>
+  <summary>What does the Okta CLI do?</summary>
 
-Then go to **Applications** and create a new **Web** application. Configure it as follows:
+  The Okta CLI will create an OIDC Web App in your Okta Org. It will add the redirect URIs you specified and grant access to the Everyone group. You will see output like the following when it’s finished:
 
-- Name: `Vault Demo`
-- Base URIs: `http://localhost:8080/`
-- Login redirect URIs: `http://localhost:8080/login/oauth2/code/okta`
-- Logout redirect URIs: `http://localhost:8080`
-- Grant type allowed: 
-  - [x] Authorization Code
-  - [x] Refresh Token
+  ```shell
+  Okta application configuration has been written to: /path/to/app/src/main/resources/application.properties
+  ```
 
-Click **Done** and copy the **Client ID** and **Client secret** into a text editor for later. Go to **API** > **Authorization Servers** and copy the **default** issuer URI.
+  Open `src/main/resources/application.properties` to see the issuer and credentials for your app.
 
+  ```shell
+  okta.oauth2.issuer=https://dev-133337.okta.com/oauth2/default
+  okta.oauth2.client-id=0oab8eb55Kb9jdMIr5d6
+  okta.oauth2.client-secret=NEVER-SHOW-SECRETS
+  ```
+
+  **NOTE**: You can also use the Okta Admin Console to create your app. See [Create a Spring Boot App](https://developer.okta.com/docs/guides/sign-into-web-app/springboot/create-okta-application/) for more information.
+
+</details>
+</p>
+
+Copy the values from `src/main/resources/application.properties` and delete the file.
 
 ## Run Vault
 
+Pull the Vault image.
+
 ```shell
 docker pull vault
+```
+Run a container, make sure to replace `{hostPath}` with a local directory path, such as `/tmp/vault`:
+
+```shell
 docker run --cap-add=IPC_LOCK \
 -e 'VAULT_DEV_ROOT_TOKEN_ID=00000000-0000-0000-0000-000000000000' \
 -p 8200:8200 \
 -v {hostPath}:/vault/logs \
 --name my-vault vault
 ```
 
-Store the secrets:
+Open an interactive terminal with Vault:
 
 ```shell
 docker exec -it my-vault /bin/sh
+```
+
+In the terminal, store the secrets by executing the following code. Replace with the values returned by Okta CLI.
+
+```shell
 export VAULT_TOKEN="00000000-0000-0000-0000-000000000000"
 export VAULT_ADDR="http://127.0.0.1:8200"
-vault kv put secret/vault-demo-app,dev \ spring.security.oauth2.client.registration.oidc.client-id="{yourClientID}" \ spring.security.oauth2.client.registration.oidc.client-secret="{yourClientSecret}" \ spring.security.oauth2.client.provider.oidc.issuer-uri="{yourIssuerURI}"
+vault kv put secret/vault-demo-app,dev \
+okta.oauth2.clientId="{yourClientId}" \
+okta.oauth2.clientSecret="{yourClientSecret}" \
+okta.oauth2.issuer="{yourIssuerURI}"
 ```
 
 ## Run the applications with Maven
@@ -73,19 +109,19 @@ SPRING_CLOUD_CONFIG_TOKEN=00000000-0000-0000-0000-000000000000 \
 ./mvnw spring-boot:run
 ```
 
-Go to http://localhost:8080 and login with Okta.
+Go to `http://localhost:8080` and log in with Okta.
 
 ## Links
 
 This example uses the following libraries:
 
 * [HashiCorp Vault](https://www.vaultproject.io/)
-* [Okta Spring Boot Starter](https://github.com/oktadeveloper/generator-jhipster-ionic)
+* [Okta Spring Boot Starter](https://github.com/okta/okta-spring-boot)
 * [Spring Cloud Config](https://spring.io/projects/spring-cloud-config)
 
 ## Help
 
-Please post any questions as comments on the [blog post](https://developer.okta.com/blog/2020/05/04/spring-vault), or visit our [Okta Developer Forums](https://devforum.okta.com/). You can also post a question to Stack Overflow with the ["okta" tag](https://stackoverflow.com/questions/tagged/okta).
+Please post any questions as comments on the [blog post](https://developer.okta.com/blog/2022/10/20/spring-vault), or visit our [Okta Developer Forums](https://devforum.okta.com/). You can also post a question to Stack Overflow with the ["okta" tag](https://stackoverflow.com/questions/tagged/okta).
 
 ## License
 

vault-config-server/.gitignore

@@ -1,8 +1,8 @@
 HELP.md
 target/
 !.mvn/wrapper/maven-wrapper.jar
-!**/src/main/**
-!**/src/test/**
+!**/src/main/**/target/
+!**/src/test/**/target/
 
 ### STS ###
 .apt_generated
@@ -26,6 +26,8 @@ target/
 /nbdist/
 /.nb-gradle/
 build/
+!**/src/main/**/build/
+!**/src/test/**/build/
 
 ### VS Code ###
 .vscode/

vault-config-server/.mvn/wrapper/maven-wrapper.properties

@@ -1,2 +1,2 @@
-distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.6.3/apache-maven-3.6.3-bin.zip
-wrapperUrl=https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar
+distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.8.6/apache-maven-3.8.6-bin.zip
+wrapperUrl=https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar

vault-config-server/mvnw

@@ -36,6 +36,10 @@
 
 if [ -z "$MAVEN_SKIP_RC" ] ; then
 
+  if [ -f /usr/local/etc/mavenrc ] ; then
+    . /usr/local/etc/mavenrc
+  fi
+
   if [ -f /etc/mavenrc ] ; then
     . /etc/mavenrc
   fi
@@ -145,7 +149,7 @@ if [ -z "$JAVACMD" ] ; then
       JAVACMD="$JAVA_HOME/bin/java"
     fi
   else
-    JAVACMD="`which java`"
+    JAVACMD="`\\unset -f command; \\command -v java`"
   fi
 fi
 
@@ -212,9 +216,9 @@ else
       echo "Couldn't find .mvn/wrapper/maven-wrapper.jar, downloading it ..."
     fi
     if [ -n "$MVNW_REPOURL" ]; then
-      jarUrl="$MVNW_REPOURL/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar"
+      jarUrl="$MVNW_REPOURL/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
     else
-      jarUrl="https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar"
+      jarUrl="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
     fi
     while IFS="=" read key value; do
       case "$key" in (wrapperUrl) jarUrl="$value"; break ;;
@@ -233,9 +237,9 @@ else
           echo "Found wget ... using wget"
         fi
         if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then
-            wget "$jarUrl" -O "$wrapperJarPath"
+            wget "$jarUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath"
         else
-            wget --http-user=$MVNW_USERNAME --http-password=$MVNW_PASSWORD "$jarUrl" -O "$wrapperJarPath"
+            wget --http-user=$MVNW_USERNAME --http-password=$MVNW_PASSWORD "$jarUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath"
         fi
     elif command -v curl > /dev/null; then
         if [ "$MVNW_VERBOSE" = true ]; then
@@ -305,6 +309,8 @@ WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
 
 exec "$JAVACMD" \
   $MAVEN_OPTS \
+  $MAVEN_DEBUG_OPTS \
   -classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \
-  "-Dmaven.home=${M2_HOME}" "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \
+  "-Dmaven.home=${M2_HOME}" \
+  "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \
   ${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@"

vault-config-server/mvnw.cmd

@@ -46,8 +46,8 @@ if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%")
 @REM Execute a user defined script before this one
 if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre
 @REM check for pre script, once with legacy .bat ending and once with .cmd ending
-if exist "%HOME%\mavenrc_pre.bat" call "%HOME%\mavenrc_pre.bat"
-if exist "%HOME%\mavenrc_pre.cmd" call "%HOME%\mavenrc_pre.cmd"
+if exist "%USERPROFILE%\mavenrc_pre.bat" call "%USERPROFILE%\mavenrc_pre.bat" %*
+if exist "%USERPROFILE%\mavenrc_pre.cmd" call "%USERPROFILE%\mavenrc_pre.cmd" %*
 :skipRcPre
 
 @setlocal
@@ -120,9 +120,9 @@ SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe"
 set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar"
 set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
 
-set DOWNLOAD_URL="https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar"
+set DOWNLOAD_URL="https://repo.maven.apache.org/maven2/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
 
-FOR /F "tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO (
+FOR /F "usebackq tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO (
     IF "%%A"=="wrapperUrl" SET DOWNLOAD_URL=%%B
 )
 
@@ -134,7 +134,7 @@ if exist %WRAPPER_JAR% (
     )
 ) else (
     if not "%MVNW_REPOURL%" == "" (
-        SET DOWNLOAD_URL="%MVNW_REPOURL%/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar"
+        SET DOWNLOAD_URL="%MVNW_REPOURL%/org/apache/maven/wrapper/maven-wrapper/3.1.0/maven-wrapper-3.1.0.jar"
     )
     if "%MVNW_VERBOSE%" == "true" (
         echo Couldn't find %WRAPPER_JAR%, downloading it ...
@@ -158,7 +158,13 @@ if exist %WRAPPER_JAR% (
 @REM work with both Windows and non-Windows executions.
 set MAVEN_CMD_LINE_ARGS=%*
 
-%MAVEN_JAVA_EXE% %JVM_CONFIG_MAVEN_PROPS% %MAVEN_OPTS% %MAVEN_DEBUG_OPTS% -classpath %WRAPPER_JAR% "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %*
+%MAVEN_JAVA_EXE% ^
+  %JVM_CONFIG_MAVEN_PROPS% ^
+  %MAVEN_OPTS% ^
+  %MAVEN_DEBUG_OPTS% ^
+  -classpath %WRAPPER_JAR% ^
+  "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" ^
+  %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %*
 if ERRORLEVEL 1 goto error
 goto end
 
@@ -168,15 +174,15 @@ set ERROR_CODE=1
 :end
 @endlocal & set ERROR_CODE=%ERROR_CODE%
 
-if not "%MAVEN_SKIP_RC%" == "" goto skipRcPost
+if not "%MAVEN_SKIP_RC%"=="" goto skipRcPost
 @REM check for post script, once with legacy .bat ending and once with .cmd ending
-if exist "%HOME%\mavenrc_post.bat" call "%HOME%\mavenrc_post.bat"
-if exist "%HOME%\mavenrc_post.cmd" call "%HOME%\mavenrc_post.cmd"
+if exist "%USERPROFILE%\mavenrc_post.bat" call "%USERPROFILE%\mavenrc_post.bat"
+if exist "%USERPROFILE%\mavenrc_post.cmd" call "%USERPROFILE%\mavenrc_post.cmd"
 :skipRcPost
 
 @REM pause the script if MAVEN_BATCH_PAUSE is set to 'on'
-if "%MAVEN_BATCH_PAUSE%" == "on" pause
+if "%MAVEN_BATCH_PAUSE%"=="on" pause
 
-if "%MAVEN_TERMINATE_CMD%" == "on" exit %ERROR_CODE%
+if "%MAVEN_TERMINATE_CMD%"=="on" exit %ERROR_CODE%
 
-exit /B %ERROR_CODE%
+cmd /C exit /B %ERROR_CODE%