[SDK-4652] Spring Boot Login - Use Spring Boot 3 and Okta Spring Boot Starter

articles/quickstart/webapp/java-spring-boot/files/application.md

@@ -3,20 +3,9 @@ name: application.yml
 language: yaml
 ---
 ```yaml
-spring:
-  security:
-    oauth2:
-      client:
-        registration:
-          auth0:
-            client-id: ${account.clientId}
-            client-secret: YOUR_CLIENT_SECRET
-            scope:
-              - openid
-              - profile
-              - email
-        provider:
-          auth0:
-            # trailing slash is important!
-            issuer-uri: https://${account.namespace}/
+okta:
+  oauth2:
+    issuer: https://${account.namespace}/
+    client-id: ${account.clientId}
+    client-secret: YOUR_CLIENT_SECRET
 ```

articles/quickstart/webapp/java-spring-boot/files/index.md

@@ -7,14 +7,16 @@ language: html
 <html lang="en" xmlns:th="http://www.thymeleaf.org" xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity5">
     <body>
         <div sec:authorize="!isAuthenticated()">
-            <a th:href="@{/oauth2/authorization/auth0}">Log In</a>
+            <a th:href="@{/oauth2/authorization/okta}">Log In</a>
         </div>
         <div sec:authorize="isAuthenticated()">
             <p>You are logged in!</p>
             <img th:src="<%= "${profile.get('picture')}" %>" th:attr="<%= "alt=${profile.get('name')}" %>"/>
             <h2 th:text="<%= "${profile.get('name')}" %>"></h2>
             <p th:text="<%= "${profile.get('email')}" %>"></p>
-            <a th:href="@{/logout}">Log Out</a>
+            <form name="logoutForm" th:action="@{/logout}" method="post">
+                <button type="submit" value="Log out"/>
+            </form>
         </div>
     </body>
 </html>

articles/quickstart/webapp/java-spring-boot/files/security-config-logout.md

@@ -5,29 +5,51 @@ language: java
 ```java
 package com.auth0.example;
 
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.web.SecurityFilterChain;
-import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
+import org.springframework.security.web.authentication.logout.LogoutHandler;
+import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
 
+import java.io.IOException;
+
+import static org.springframework.security.config.Customizer.withDefaults;
+
+@Configuration
 @EnableWebSecurity
 public class SecurityConfig {
 
-    private final LogoutHandler logoutHandler;
+    @Value("<%= "${okta.oauth2.issuer}" %>")
+    private String issuer;
+    @Value("<%= "${okta.oauth2.client-id}" %>")
+    private String clientId;
 
-    public SecurityConfig(LogoutHandler logoutHandler) {
-        this.logoutHandler = logoutHandler;
+    @Bean
+    public SecurityFilterChain configure(HttpSecurity http) throws Exception {
+        http
+            .authorizeHttpRequests(authorize -> authorize
+                .requestMatchers("/", "/images/**").permitAll()
+                .anyRequest().authenticated()
+            )
+            .oauth2Login(withDefaults())
+            .logout(logout -> logout
+                .addLogoutHandler(logoutHandler()));
+        return http.build();
     }
 
-    @Bean
-    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-        return http
-                .oauth2Login()
-                .and().logout()
-                .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
-                .addLogoutHandler(logoutHandler)
-                .and().build();
+    private LogoutHandler logoutHandler() {
+        return (request, response, authentication) -> {
+            try {
+                String baseUrl = ServletUriComponentsBuilder.fromCurrentContextPath().build().toUriString();
+                response.sendRedirect(issuer + "v2/logout?client_id=" + clientId + "&returnTo=" + baseUrl);
+            } catch (IOException e) {
+                throw new RuntimeException(e);
+            }
+        };
     }
 }
+
 ```

articles/quickstart/webapp/java-spring-boot/files/security-config.md

@@ -6,17 +6,25 @@ language: java
 package com.auth0.example;
 
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.web.SecurityFilterChain;
 
+import static org.springframework.security.config.Customizer.withDefaults;
+
+@Configuration
 @EnableWebSecurity
 public class SecurityConfig {
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-        return http.oauth2Login()
-                .and().build();
+         http
+            .authorizeHttpRequests(authorize -> authorize
+                .anyRequest().authenticated()
+            )
+            .oauth2Login(withDefaults());
+        return http.build();
     }
 }
 ```

articles/quickstart/webapp/java-spring-boot/index.yml

@@ -21,13 +21,16 @@ articles:
 show_steps: true
 hidden_articles:
   - "interactive"
+sdk:
+  name: Okta Spring Boot Starter
+  url: https://github.com/okta/okta-spring-boot/
+  logo: spring
 github:
   org: auth0-samples
   repo: auth0-spring-boot-login-samples
   branch: master
 requirements:
-  - Java 8
-  - Gradle 6 or Maven 3
+  - Java 17
 next_steps:
   - path: 01-login
     list: