All Projects → Baeldung → Spring Security Oauth

Baeldung / Spring Security Oauth

Licence: mit
Just Announced - "Learn Spring Security OAuth":

Programming Languages

java
68154 projects - #9 most used programming language
javascript
184084 projects - #8 most used programming language
typescript
32286 projects
HTML
75241 projects
CSS
56736 projects
FreeMarker
481 projects

Projects that are alternatives of or similar to Spring Security Oauth

oauth-provider-sample
A Spring Security OAuth provider, developed in my monograph about SSO and OAuth
Stars: ✭ 13 (-99.21%)
Mutual labels:  oauth, spring-security, spring-security-oauth
Diber-backend
Delivery Service - Spring Boot / Spring Data Jpa / Hibernate / PostgreSQL / OAuth2 Application
Stars: ✭ 22 (-98.67%)
Mutual labels:  oauth, spring-security
Pac4j
Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Stars: ✭ 2,097 (+27.17%)
Mutual labels:  oauth, spring-security
Spring Security Pac4j
pac4j security library for Spring Security: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Stars: ✭ 231 (-85.99%)
Mutual labels:  oauth, spring-security
SpringBoot-Mall
SpringBoot商城系统Demo,主要功能:提供了商城系统的后端Api,不包含前端页面,体现了前后端解耦分离的思想。实现了商品,购物车,订单系统,单点登录系统等4个功能模块
Stars: ✭ 42 (-97.45%)
Mutual labels:  spring-security, spring-security-oauth
okta-jhipster-microservices-oauth-example
A microservices architecture built with JHipster, OAuth 2.0, and Okta
Stars: ✭ 29 (-98.24%)
Mutual labels:  oauth, spring-security
Sample Spring Oauth2 Microservices
some examples that show basic and more advanced implementations of oauth2 authorization mechanism in spring-cloud microservices environment
Stars: ✭ 109 (-93.39%)
Mutual labels:  oauth, spring-security
Ng Boot Oauth
oauth2 demo with angularjs and springboot
Stars: ✭ 99 (-94%)
Mutual labels:  oauth
Spring Cloud Study
spring-cloud学习
Stars: ✭ 108 (-93.45%)
Mutual labels:  spring-security
Sample Boot Hibernate
Spring Boot + JPA ( Hibernate ) + Java8 [ DDD Sample ]
Stars: ✭ 97 (-94.12%)
Mutual labels:  spring-security
Springbootsample
spring boot sample source
Stars: ✭ 95 (-94.24%)
Mutual labels:  spring-security
Warden Github Rails
Use GitHub as authorization and more. Use organizations and teams as means of authorization by simply wrapping your rails routes in a block. Also useful to get a user's details through OAuth.
Stars: ✭ 100 (-93.94%)
Mutual labels:  oauth
Docusign Node Client
The Official DocuSign Node.js Client Library used to interact with the eSign REST API. Send, sign, and approve documents using this client.
Stars: ✭ 108 (-93.45%)
Mutual labels:  oauth
Vue Authenticate
Simple Vue.js authentication library
Stars: ✭ 1,350 (-18.13%)
Mutual labels:  oauth
Patreon Js
Use the Patreon API via OAuth.
Stars: ✭ 111 (-93.27%)
Mutual labels:  oauth
Nginx Openid Connect
Reference implementation of OpenID Connect integration for NGINX Plus
Stars: ✭ 96 (-94.18%)
Mutual labels:  oauth
Spring Cloud Flycloud
🔥🔥🔥FlyClould 微服务实战项目框架,在该框架中,包括了用 Spring Cloud 构建微服务的一系列基本组件和框架,对于后台服务框架的搭建有很大的参考价值,大家可以参考甚至稍加修改可以直接应用于自己的实际的项目开发中,该项目没有采用Maven进行项目构建,Maven通过xml进行依赖管理,导致整个配置文件太过臃肿,另外灵活性也不是很强,所以我采用Gradle进行项目构建和依赖管理,在FlyTour项目中我们见证了Gradle的强大,通过简单的一些配置就可以轻松的实现组件化的功能。该项目共有11个Module工程。其中10个位微服务工程,这10个微服务工程构成了一个完整的微服务系统,微服务系统包含了8个基础服务,提供了一整套微服务治理功能,他们分别是配置中心module_c…
Stars: ✭ 1,514 (-8.19%)
Mutual labels:  spring-security
Spring Webmvc Pac4j
Security library for Spring Web MVC: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Stars: ✭ 110 (-93.33%)
Mutual labels:  oauth
Webfluxtemplate
Spring Webflux template application with working Spring Security, Web-sockets, Rest, Web MVC, and Authentication with JWT.
Stars: ✭ 107 (-93.51%)
Mutual labels:  spring-security
Flask Oauthlib
YOU SHOULD USE https://github.com/lepture/authlib
Stars: ✭ 1,429 (-13.34%)
Mutual labels:  oauth

Spring Security OAuth

I've just announced a new course, dedicated on exploring the new OAuth2 stack in Spring Security 5 - Learn Spring Security OAuth: http://bit.ly/github-lsso




Build the Project

mvn clean install

Projects/Modules

This project contains a number of modules, here is a quick description of what each module contains:

  • oauth-rest - Authorization Server (Keycloak), Resource Server and Angular App based on the new Spring Security 5 stack
  • oauth-jwt - Authorization Server (Keycloak), Resource Server and Angular App based on the new Spring Security 5 stack, focused on JWT support
  • oauth-jws-jwk-legacy - Authorization Server and Resource Server for JWS + JWK in a Spring Security OAuth2 Application
  • oauth-legacy - Authorization Server, Resource Server, Angular and AngularJS Apps for legacy Spring Security OAuth2

Run the Modules

You can run any sub-module using command line:

mvn spring-boot:run

If you're using Spring STS, you can also import them and run them directly, via the Boot Dashboard

You can then access the UI application - for example the module using the Password Grant - like this: http://localhost:8084/

You can login using these credentials, username:john and password:123

Run the Angular 7 Modules

  • To run any of Angular7 front-end modules (spring-security-oauth-ui-implicit-angular , spring-security-oauth-ui-password-angular and oauth-ui-authorization-code-angular) , we need to build the app first:
mvn clean install
  • Then we need to navigate to our Angular app directory:
cd src/main/resources

And run the command to download the dependencies:

npm install
  • Finally, we will start our app:
npm start
  • Note: Angular7 modules are commented out because these don't build on Jenkins as they need npm installed, but they build properly locally
  • Note for Angular version < 4.3.0: You should comment out the HttpClient and HttpClientModule import in app.module and app.service.ts. These version rely on the HttpModule.

Using the JS-only SPA OAuth Client

The main purpose of these projects are to analyze how OAuth should be carried out on Javascript-only Single-Page-Applications, using the authorization_code flow with PKCE.

The clients-SPA-legacy/clients-js-only-react-legacy project includes a very simple Spring Boot Application serving a couple of separate Single-Page-Applications developed in React.

It includes two pages:

  • a 'Step-By-Step' guide, where we analyze explicitly each step that we need to carry out to obtain an access token and request a secured resource
  • a 'Real Case' scenario, where we can log in, and obtain or use secured endpoints (provided by the Auth server and by a Custom server we set up)
  • the Article's Example Page, with the exact same code that is shown in the related article

The Step-By-Step guide supports using different providers (Authorization Servers) by just adding (or uncommenting) the corresponding entries in the static/spa/js/configs.js.

The 'Step-by-Step' OAuth Client with PKCE page

After running the Spring Boot Application (a simple mvn spring-boot:run command will be enough), we can browse to http://localhost:8080/pkce-stepbystep/index.html and follow the steps to find out what it takes to obtain an access token using the Authorization Code with PKCE Flow.

When prompted the login form, we might need to create a user for our Application first.

The 'Real-Case' OAuth Client with PKCE page

To use all the features contained in the http://localhost:8080/pkce-realcase/index.html page, we'll need to first start the resource server (clients-SPA-legacy/oauth-resource-server-auth0-legacy).

In this page, we can:

  • List the resources in our resource server (public, no permissions needed)
  • Add resources (we're requested the permissions to do that when logging in. For simplicity sake, we just request the existing 'profile' scope)
  • Remove resources (we actually can't accomplish this task, because the resource server requires the application to have permissions that were not included in the existing scopes)
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].