Oauth2-Stateless-Authentication-with-Spring-and-JWT-Token
Oauth2-Stateless-Authentication-with-Spring-and-JWT-Token copied to clipboard
Oauth2 Stateless Authentication with Spring and JWT Token
Oauth2 Stateless Authentication with Spring and JWT Token
This project uses Spring Security to authenticate and protect some Rest resources.
It uses withAuthorizationServerConfigurerAdapter
, ResourceServerConfigurerAdapter
and WebSecurityConfigurerAdapter
combined with @PreAuthorize
to configure the security.
It also uses an H2 embeded database to authenticate the users.
Article on the project
USING SPRING OAUTH2 TO SECURE RESTExternal references
This project was inspired by all these references.To Build and Run
Go to the cloned directory and runmvn spring-boot:run
or build with your chosen IDE.
Curl Commands
You should install ./JQ before running these Curl commands.
curl trusted-app:secret@localhost:8080/oauth/token -d "grant_type=password&username=user&password=password" | jq
To get a refresh token
curl trusted-app:secret@localhost:8080/oauth/token -d "grant_type=access_token&access_tokem=[ACCESS_TOKEN]" | jq
To access a protected resource
curl -H "Authorization: Bearer [ACCESS_TOKEN]" localhost:8080/api/hello
Register new Account
curl -H "Authorization: Bearer $(curl register-app:secret@localhost:8080/oauth/token -d "grant_type=client_credentials&client_id=register-app" | jq --raw-output ."access_token")" localhost:8080/api/register -H "Content-Type: application/json" -d '{"username":"new-user","password":"password","firstName":"First","lastName":"Last","email":"[email protected]"}' | jq
Curl sample commands
api/me
curl -H "Authorization: Bearer $(curl trusted-app:secret@localhost:8080/oauth/token -d "grant_type=password&username=user&password=password" | jq --raw-output ."access_token")" localhost:8080/api/me | jq