{"id":23688707,"url":"https://github.com/chensoul/spring-security-6-oauth2-samples","last_synced_at":"2025-04-11T07:40:25.920Z","repository":{"id":259136345,"uuid":"876036146","full_name":"chensoul/spring-security-6-oauth2-samples","owner":"chensoul","description":"基于 Spring Security 6 搭建 OAuth2 授权和认证服务。","archived":false,"fork":false,"pushed_at":"2025-03-21T06:35:21.000Z","size":1840,"stargazers_count":3,"open_issues_count":2,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-25T05:12:43.869Z","etag":null,"topics":["spring-authorization-server","spring-security","spring-security-oauth2"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/chensoul.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-10-21T09:43:03.000Z","updated_at":"2025-02-21T10:27:41.000Z","dependencies_parsed_at":"2024-12-06T02:24:20.381Z","dependency_job_id":"0a33eba1-8e03-40b9-909c-df6dc88b4f54","html_url":"https://github.com/chensoul/spring-security-6-oauth2-samples","commit_stats":null,"previous_names":["chensoul/learn-spring-authorization-server","chensoul/spring-security-6-oauth2-samples"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chensoul%2Fspring-security-6-oauth2-samples","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chensoul%2Fspring-security-6-oauth2-samples/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chensoul%2Fspring-security-6-oauth2-samples/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chensoul%2Fspring-security-6-oauth2-samples/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/chensoul","download_url":"https://codeload.github.com/chensoul/spring-security-6-oauth2-samples/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248359202,"owners_count":21090494,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["spring-authorization-server","spring-security","spring-security-oauth2"],"created_at":"2024-12-30T00:18:17.323Z","updated_at":"2025-04-11T07:40:25.887Z","avatar_url":"https://github.com/chensoul.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"![video_spider](https://socialify.git.ci/chensoul/spring-security-6-oauth2-samples/image?forks=1\u0026issues=1\u0026language=1\u0026name=1\u0026owner=1\u0026stargazers=1\u0026theme=Light)\n\n# \u003cfont size=\"6p\"\u003espring-security-6-oauth2-samples\u003c/font\u003e \u003cfont size=\"5p\"\u003e  | [English Documentation](README.md)\u003c/font\u003e\n\n\u003cp align=\"left\"\u003e\n\t\u003ca href=\"https://github.com/chensoul/spring-security-6-oauth2-samples/stargazers\"\u003e\u003cimg src=\"https://img.shields.io/github/stars/chensoul/spring-security-6-oauth2-samples?style=flat-square\u0026logo=GitHub\"\u003e\u003c/a\u003e\n\t\u003ca href=\"https://github.com/chensoul/spring-security-6-oauth2-samples/network/members\"\u003e\u003cimg src=\"https://img.shields.io/github/forks/chensoul/spring-security-6-oauth2-samples?style=flat-square\u0026logo=GitHub\"\u003e\u003c/a\u003e\n\t\u003ca href=\"https://github.com/chensoul/spring-security-6-oauth2-samples/watchers\"\u003e\u003cimg src=\"https://img.shields.io/github/watchers/chensoul/spring-security-6-oauth2-samples?style=flat-square\u0026logo=GitHub\"\u003e\u003c/a\u003e\n\t\u003ca href=\"https://github.com/chensoul/spring-security-6-oauth2-samples/issues\"\u003e\u003cimg src=\"https://img.shields.io/github/issues/chensoul/spring-security-6-oauth2-samples.svg?style=flat-square\u0026logo=GitHub\"\u003e\u003c/a\u003e\n\t\u003ca href=\"https://github.com/chensoul/spring-security-6-oauth2-samples/blob/main/LICENSE\"\u003e\u003cimg src=\"https://img.shields.io/github/license/chensoul/spring-security-6-oauth2-samples.svg?style=flat-square\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n这个项目是一个 [Spring Authorization Server](https://spring.io/projects/spring-authorization-server) 示例教程的集合，基于\nSpring Security 6，使用 Maven 构建。\n\n\u003e 💡注意：喜欢的话别忘了给项目一个star🌟哦！\n\n## 构建项目\n\nJDK 版本 17+。\n\n```bash\n./mvnw clean install -Dmaven.test.skip=true\n```\n\n## 笔记\n\n### JWT\n\n名称解释：\n\n- JWT：JSON Web Token。包括 header、payload、signature 三部分。\n- JWS：Signed JWT，签名过的 JWT。其结构就是在之前 nonsecure JWT 的基础上，在头部声明签名算法，并在最后添加上签名。创建签名，是保证\n  JWT 不能被他人随意篡改。签名算法分为对称和非对称，签名的密钥或者密钥对称为 JWK。\n- JWK：JWT 的密钥\n- JWE：Encrypted JWT，payload 部分经过加密的 JWT。JWE 有五个部分，分别是 header、encrypted key、initialization\n  vector、ciphertext、authentication tag。\n\n区别：\n\n1. JWS是去验证数据的，而JWE是保护数据不被第三方的人看到的。通过JWE，JWT变得更加安全。\n2. JWE和JWS的公钥私钥方案不相同，JWS中，私钥持有者加密令牌，公钥持有者验证令牌。而JWE中，私钥一方应该是唯一可以解密令牌的一方。\n3. 在JWE中，公钥持有可以将新的数据放入JWT中，但是JWS中，公钥持有者只能验证数据，不能引入新的数据。因此，对于公钥/私钥的方案而言，JWS和JWE是互补的。\n\n## 参考\n\n- https://github.com/chensoul/SpringBootOAuth2\n- https://github.com/spring-projects/spring-security-samples/tree/main/servlet/spring-boot/java/oauth2\n- https://github.com/sjohnr/oauth2-workshop\n- https://github.com/jgrandja/multitenant-spring-auth-server\n- https://github.com/wdkeyser02/SpringAuthorizationServerCustomPasswordGrantType\n- \n- https://www.youtube.com/watch?v=Yh8t04NG_K4\n- https://www.youtube.com/watch?v=p3aLjH2VPzU\n- https://www.youtube.com/watch?v=GVsKQ4dp_pQ\n- https://github.com/eazybytes/springsecurity6\n- https://github.com/spring-tips/spring-security-5-oauth-client\n- https://github.com/spring-tips/spring-authorization-server-book\n- https://github.com/spring-tips/spring-authorization-server\n- https://github.com/atquil/spring-security/tree/JWT-oauth2\n- https://github.com/joshlong-attic/2024-11-06-jfall-nl/\n- https://github.com/spring-projects/spring-authorization-server/tree/main/samples\n- https://github.com/spring-tips/spring-authorization-server-book/\n- https://github.com/joshlong/bootiful-spring-boot-2024\n- https://github.com/danvega/golf-scheduler RestClient + 客户端验证\n- https://github.com/wdkeyser02/SpringBootSpringAuthorizationServer\n- https://github.com/wdkeyser02/SpringSecurityCloudGatewayAngularCSRFTutorial\n- https://github.com/wdkeyser02/SpringBootSpringAuthorizationServer/\n- https://github.com/wdkeyser02/SpringMfaAuthorizationServer\n- https://github.com/wdkeyser02/SpringAuthorizationServerCustomPasswordGrantType\n- https://github.com/danvega/spring-boot-oauth-demo JTE + TailwindCSS + GitHub + Google\n- https://github.com/rwinch/spring-enterprise-authorization-server\n- https://github.com/nguyenquangos0302git/learn-spring-security/\n- https://github.com/lorchr/light-docusaurus/tree/616a7e7e2098bd6ec8a6fd0f59ee7502ae5dd394/docs/zh-cn/spring-authorization-server\n- https://github.com/ProductDock/spring-authorization-server-showcase jdbc + spring cloud gateway\n\n## 工具\n\n- https://www.oauth.com/playground\n- https://jwt.io/\n- https://oidcdebugger.com/debug\n- https://oauthdebugger.com/debug\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchensoul%2Fspring-security-6-oauth2-samples","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fchensoul%2Fspring-security-6-oauth2-samples","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchensoul%2Fspring-security-6-oauth2-samples/lists"}