spring, spring-security, spring-security-oauth2, okta

How to have access to the oauth2 opaque token in the controller


I have an API that uses OKTA for authentication. I need the opaque token so that I can access the OKTA APIs on behalf of the user. How can I have access to the opaque token in my controller?


Solution

  • I found this.

    I created this ExchangeFilterFunction:

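    import org.springframework.security.core.Authentication;
    import org.springframework.security.core.context.SecurityContextHolder;
    import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
    import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
    import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
    import org.springframework.web.reactive.function.client.ClientRequest;
    import org.springframework.web.reactive.function.client.ClientResponse;
    import org.springframework.web.reactive.function.client.ExchangeFilterFunction;
    import org.springframework.web.reactive.function.client.ExchangeFunction;
    import reactor.core.publisher.Mono;

    // Adds the current user's access token as a Bearer header on outgoing WebClient requests.
    private ExchangeFilterFunction myExchangeFilterFunction(OAuth2AuthorizedClientService clientService) {
        return new ExchangeFilterFunction() {
            @Override
            public Mono<ClientResponse> filter(ClientRequest request, ExchangeFunction next) {
                Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
                // Fail with a clear error instead of a ClassCastException or NullPointerException.
                if (!(authentication instanceof OAuth2AuthenticationToken)) {
                    return Mono.error(new IllegalStateException("No OAuth2 login in the security context"));
                }
                OAuth2AuthenticationToken oauthToken = (OAuth2AuthenticationToken) authentication;

                // Look up the authorized client stored for this user at login.
                OAuth2AuthorizedClient client = clientService.loadAuthorizedClient(
                        oauthToken.getAuthorizedClientRegistrationId(),
                        oauthToken.getName());
                if (client == null) {
                    return Mono.error(new IllegalStateException("No authorized client for the current user"));
                }

                String accessToken = client.getAccessToken().getTokenValue();

                // ClientRequest is immutable, so build a copy that carries the Authorization header.
                ClientRequest newRequest = ClientRequest.from(request)
                        .headers((headers) -> headers.setBearerAuth(accessToken))
                        .build();

                return next.exchange(newRequest);
            }
        };
    }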
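
To read the token in the controller method itself, Spring Security can inject the authorized client as a method argument. The controller below is an added example, not part of the original answer or of any Okta or Spring sample. Assumptions: a Spring MVC application using `oauth2Login`, a client registration id of `okta`, an auto-configured `WebClient.Builder` bean, and a placeholder userinfo URL; the class name and the `/profile` mapping are hypothetical.

```java
import java.util.Map;

import org.springframework.core.ParameterizedTypeReference;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
import org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.reactive.function.client.WebClient;

@RestController
public class OktaProfileController {

    // Assumption: placeholder URL; replace the host with your own Okta domain.
    private static final String USERINFO_URL = "https://your-org.example.invalid/oauth2/v1/userinfo";

    private final WebClient webClient;

    public OktaProfileController(WebClient.Builder builder) {
        this.webClient = builder.build();
    }

    @GetMapping("/profile")
    public Map<String, Object> profile(
            // Assumption: the client registration id is "okta".
            @RegisteredOAuth2AuthorizedClient("okta") OAuth2AuthorizedClient client) {

        // The token value is used only for the outbound Authorization header.
        // It is never logged and never copied into the response body.
        String tokenValue = client.getAccessToken().getTokenValue();

        return webClient.get()
                .uri(USERINFO_URL)
                .headers(headers -> headers.setBearerAuth(tokenValue))
                .retrieve()
                .bodyToMono(new ParameterizedTypeReference<Map<String, Object>>() {})
                .block(); // blocking is acceptable on a servlet request thread
    }
}
```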