Skip to content

Latest commit

 

History

History
63 lines (54 loc) · 2.9 KB

File metadata and controls

63 lines (54 loc) · 2.9 KB

Oauth2 Stateless Authentication with Spring and JWT Token

This project uses Spring Security to authenticate and protect some Rest resources. It uses withAuthorizationServerConfigurerAdapter, ResourceServerConfigurerAdapter and WebSecurityConfigurerAdapter combined with @PreAuthorize to configure the security. It also uses an H2 embeded database to authenticate the users.

Article on the project

USING SPRING OAUTH2 TO SECURE REST

External references

This project was inspired by all these references.
  • Using JWT with Spring Security OAuth
  • JWT authentication with Spring Web
  • JWT Authentication Tutorial: An example using Spring Boot
  • Spring Oauth2 with JWT Sample
  • OAuth2 in depth: A step-by-step introduction for enterprises
  • spring-auth-example

    To Build and Run

    Go to the cloned directory and run mvn spring-boot:run or build with your chosen IDE.

    Curl Commands

    You should install ./JQ before running these Curl commands.
    To get a new token
    curl trusted-app:secret@localhost:8080/oauth/token -d "grant_type=password&username=user&password=password" | jq
    To get a refresh token
    curl trusted-app:secret@localhost:8080/oauth/token -d "grant_type=access_token&access_tokem=[ACCESS_TOKEN]" | jq
    To access a protected resource
    curl -H "Authorization: Bearer [ACCESS_TOKEN]" localhost:8080/api/hello

    Register new Account
    curl -H "Authorization: Bearer $(curl register-app:secret@localhost:8080/oauth/token -d "grant_type=client_credentials&client_id=register-app" | jq --raw-output ."access_token")" localhost:8080/api/register -H "Content-Type: application/json" -d '{"username":"new-user","password":"password","firstName":"First","lastName":"Last","email":"[email protected]"}' | jq

    Curl sample commands api/me curl -H "Authorization: Bearer $(curl trusted-app:secret@localhost:8080/oauth/token -d "grant_type=password&username=user&password=password" | jq --raw-output ."access_token")" localhost:8080/api/me | jq