I am integrating okta sign in flow with AEM SPA site. Okta sign in page is already created and hosted as separate application using okta widgets ,so once user is authenticated then I need to verify user logged -in status in sling filter and return the resource. if anyone has integrated okta on their AEM site, please provide some pointers?
AEM version 6.5 with react spa editor
I tried to check if there are okta java sdk examples that can do what I am trying to do but couldn't find it
What you will probably need to do is create an Okta application for AEM and then use the javascript Okta auth (okta javascript auth sdk) https://github.com/okta/okta-auth-js on your pages if the sling filter says they are not already in - and have the javascript set a session cookie with the expiration time of the okta token.
As for setting up the sling filter, you'll then check that session cookie and make sure it hasn't expired. So that part will be easy once you have the javascript set up to get the okta token for your AEM okta application.
Okta applications usually have a specified url they will accept auth from, so you may need to set up the okta authentication app to always return to the same AEM page it permits auth from, then forward from there to the page the user expects to return to from the okta login process.
Or your okta configuration may allow wild cards for auth pages so you could set it to be any of your pages with a login on it - ours does not.