https://github.com/daggerok/oauth2-jdbc-example

This repository contains Spring / OAuth2 application architecture: Authorization Server (with JDBC token store), Resourse Server (with secured REST API) and Web Client Application uses both to access secure data
https://github.com/daggerok/oauth2-jdbc-example

adoc asciidoc asciidoctor docker docker-compose gradle spring-boot spring-jdbc spring-mvc spring-oauth2 spring-security spring-thymeleaf thymeleaf thymeleaf-engine thymeleaf-template-engine

Last synced: 3 months ago
JSON representation

This repository contains Spring / OAuth2 application architecture: Authorization Server (with JDBC token store), Resourse Server (with secured REST API) and Web Client Application uses both to access secure data

• Host: GitHub
• URL: https://github.com/daggerok/oauth2-jdbc-example
• Owner: daggerok
• License: mit
• Created: 2018-06-04T00:05:44.000Z (over 7 years ago)
• Default Branch: master
• Last Pushed: 2018-09-04T14:31:22.000Z (about 7 years ago)
• Last Synced: 2025-01-10T00:43:31.722Z (10 months ago)
• Topics: adoc, asciidoc, asciidoctor, docker, docker-compose, gradle, spring-boot, spring-jdbc, spring-mvc, spring-oauth2, spring-security, spring-thymeleaf, thymeleaf, thymeleaf-engine, thymeleaf-template-engine
• Language: Java
• Homepage: https://daggerok.github.io/oauth2-jdbc-example
• Size: 206 KB
• Stars: 0
• Watchers: 3
• Forks: 3
• Open Issues: 0
• Metadata Files:
  • Readme: README.adoc
  • License: LICENSE

Awesome Lists containing this project

README

          
= oauth2-jdbc-example image:https://travis-ci.org/daggerok/oauth2-jdbc-example.svg?branch=master["Build Status", link="https://travis-ci.org/daggerok/oauth2-jdbc-example"]

//tag::content[]

For some reason, big part of software developers community do not care about security

I think main reason is because security hard topic. And it's really sad.

Main goal of that project is learn spring-security oauth2 (JDBC)

Because any enterprise application can't go live without security, I believe it should be done first!

You must avoid situation when big part of application architecture later may be rewritten to apply security...

//end::content[]

Checkout link:https://daggerok.github.io/security-first[project reference] :)

.build and run in docker

[source,bash]

----

docker-compose build base-image

docker-compose run -v ~/.m2:/root/.m2 -v ~/.gradle:/root/.gradle build

docker-compose run all; docker-compose logs -f -t

----

open http://127.0.0.1:8003 and use clientId / secret

h2 database cosnole:

- visit: http://0.0.0.0:8001/h2-console/ (first use proper http basic auth if required: pwd / usr)

- use next h2 console settings to connect to database:

  .. jdbc url: jdbc:h2:file:./oauth2-jdbc-example

  .. username: oauth2-jdbc-example

  .. password: oauth2-jdbc-example

.build and run in docker

[source,bash]

----

docker-compose stop

----