oauth2-protocol-patterns icon indicating copy to clipboard operation
oauth2-protocol-patterns copied to clipboard

Published 20 hours ago verified publisher icon jgrandja

Metadata

= OAuth 2.0 Protocols and Patterns

WARNING: The samples in this repo are intended for educational purposes to demonstrate certain features of Spring Security and OAuth 2.0 / OpenID Connect 1.0. DO NOT blindly copy/paste code from the samples into production applications. Please work with your information security team to determine the suitability of using the patterns shown in the samples.

== Run the Sample

  • Build the sample -> ./gradlew clean build
  • Run Spring Authorization Server -> ./gradlew -b auth-server/build.gradle bootRun ** IMPORTANT: Make sure to modify your /etc/hosts file to avoid problems with session cookie overwrites between ui-app and auth-server. Simply add the entry 127.0.0.1 auth-server
  • Run UI App -> ./gradlew -b ui-app/build.gradle bootRun
  • Run Microservice A -> ./gradlew -b microservice-a/build.gradle bootRun
  • Run Microservice B -> ./gradlew -b microservice-b/build.gradle bootRun
  • Run Microservice C -> ./gradlew -b microservice-c/build.gradle bootRun
  • Go to http://127.0.0.1:8080 and login to Spring Authorization Server using user1/password [IMPORTANT] Make sure to use the IP literal 127.0.0.1 and not localhost.

== Resources

=== Reference Documentation

  • https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/#oauth2client[OAuth 2.0 Client]
  • https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/#oauth2login[OAuth 2.0 Login]
  • https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/#oauth2resourceserver[OAuth 2.0 Resource Server]

=== Samples

  • https://github.com/spring-projects/spring-security/tree/master/samples/boot/oauth2login[OAuth 2.0 Login]
  • https://github.com/spring-projects/spring-security/tree/master/samples/boot/oauth2login-webflux[OAuth 2.0 Login (WebFlux)]
  • https://github.com/spring-projects/spring-security/tree/master/samples/boot/oauth2webclient[OAuth 2.0 WebClient extensions (Servlet)]
  • https://github.com/spring-projects/spring-security/tree/master/samples/boot/oauth2webclient-webflux[OAuth 2.0 WebClient extensions (WebFlux)]
  • https://github.com/spring-projects/spring-security/tree/master/samples/boot/oauth2resourceserver[OAuth 2.0 Resource Server]
  • https://github.com/spring-projects/spring-security/tree/master/samples/boot/oauth2resourceserver-webflux[OAuth 2.0 Resource Server (WebFlux)]

Metadata

284
Stars
108
Forks
Watchers

Owner

verified publisher icon jgrandja

Metadata

Back