oauth2-protocol-patterns
Updates
Hello Joe,
I recently watched one of your presentations where you use this project to explain different OAuth2 flows. It helped me a lot to gain a better understanding of how the different parts play together.
This change set updates the demo to use the current Spring Boot version 2.7.3, and Authorization Server version 0.3.1. The required changes to make the apps run were:
- having unique secrets
- using the noop password hashing mechanism
- changing redirect URI from localhost to 127.0.0.1
- using builders where required
- using beans (as shown in Authorization Server documentation) instead of importing default configuration
- changing deprecated ClientAuthenticationMethod.BASIC to CLIENT_SECRET_BASIC
The only difference I noted when running the app is that the JWT ID (jti) seems not to be accessible/populated anymore. I did not dig deeper into this, as everything else was working.
Best regards, Stefan
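
As an added illustration (not code from this pull request or from the project), the sketch below shows how the listed changes typically look in a Spring Authorization Server 0.3.x client registration: builder-based `RegisteredClient` beans, `CLIENT_SECRET_BASIC`, a loopback-IP redirect URI (RFC 8252 section 8.3 prefers the IP literal over `localhost`), and a `{noop}` secret next to a hashed one. The class name, client ids, secrets, port and redirect path are assumptions made up for the example.

```java
import java.util.UUID;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
import org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;

@Configuration
public class DemoClientConfig { // hypothetical class name
    // Delegating encoder: picks the algorithm from the "{id}" prefix of the stored secret.
    @Bean
    PasswordEncoder passwordEncoder() {
        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
    }

    @Bean
    RegisteredClientRepository registeredClientRepository(PasswordEncoder encoder) {
        // "{noop}" keeps the secret in plaintext: acceptable for a local demo only.
        RegisteredClient webClient = RegisteredClient.withId(UUID.randomUUID().toString())
            .clientId("demo-web-client")                    // constructed value
            .clientSecret("{noop}demo-web-client-secret")   // constructed value
            .clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
            .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
            // Loopback IP literal instead of "localhost"; port and path are constructed.
            .redirectUri("http://127.0.0.1:8080/login/oauth2/code/demo-web-client")
            .scope("openid")
            .build();

        // Same registration style with a hashed secret: encode() stores "{bcrypt}...".
        RegisteredClient serviceClient = RegisteredClient.withId(UUID.randomUUID().toString())
            .clientId("demo-service-client")                       // constructed value
            .clientSecret(encoder.encode("demo-service-secret"))   // distinct secret per client
            .clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
            .authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
            .scope("read")
            .build();

        return new InMemoryRegisteredClientRepository(webClient, serviceClient);
    }
}
```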