Replace Spring Security OAuth with Okta Spring Boot Starter #9

Closed
wants to merge 6 commits into from

@mraible mraible commented Feb 6, 2018

DO NOT MERGE. This PR only exists to demonstrate an issue in the Okta Spring Boot Starter.

It seems like it should be possible to reduce the number of properties needed for Spring Security OAuth by simply adding the Okta Spring Boot Starter. Unfortunately, it does not work.

To reproduce the issue, create a ~/.okta.env file with your settings for an Okta Web app.

export SECURITY_OAUTH2_CLIENT_ACCESS_TOKEN_URI="https://{yourOktaDomain}.com/oauth2/default/v1/token"
export SECURITY_OAUTH2_CLIENT_USER_AUTHORIZATION_URI="https://{yourOktaDomain}.com/oauth2/default/v1/authorize"
export SECURITY_OAUTH2_RESOURCE_USER_INFO_URI="https://{yourOktaDomain}.com/oauth2/default/v1/userinfo"
export SECURITY_OAUTH2_RESOURCE_TOKEN_INFO_URI="https://{yourOktaDomain}.com/oauth2/default/v1/introspect"
export SECURITY_OAUTH2_CLIENT_CLIENT_ID="{yourClientId}"
export SECURITY_OAUTH2_CLIENT_CLIENT_SECRET="{yourClientSecret}"

Clone this project and check out the oauth branch:

git clone git@github.com:oktadeveloper/spring-boot-microservices-example.git
cd spring-boot-microservices-example
git checkout oauth

Source your app settings and run each app:

source ~/.okta.env
./run.sh

You should be able to log in at http://localhost:8081 and see data from the beer-catalog-service at http://localhost:8081/good-beers.

Now, check out the oauth-okta branch and add your client ID and secret to ~/.okta.env.

export OKTA_OAUTH2_CLIENTID="{yourClientId}"
export OKTA_OAUTH2_CLIENTSECRET="{yourClientSecret}"

Run the following commands to restart everything with the new settings:

killall java
source ~/.okta.env
./run.sh

You'll be able to log in at http://localhost:8081, but you won't be able to access http://localhost:8081/good-beers.

@mraible mraible closed this May 11, 2018