https://github.com/hendisantika/spring-oauth2-jwt

Oauth2 Stateless Authentication with Spring and JWT
https://github.com/hendisantika/spring-oauth2-jwt

Last synced: about 2 months ago
JSON representation

Oauth2 Stateless Authentication with Spring and JWT

• Host: GitHub
• URL: https://github.com/hendisantika/spring-oauth2-jwt
• Owner: hendisantika
• Created: 2018-07-06T22:24:01.000Z (almost 7 years ago)
• Default Branch: master
• Last Pushed: 2025-03-22T21:04:18.000Z (3 months ago)
• Last Synced: 2025-03-22T22:18:57.415Z (3 months ago)
• Language: Java
• Size: 641 KB
• Stars: 3
• Watchers: 2
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        


Oauth2 Stateless Authentication with Spring and JWT Token





This project uses Spring Security to authenticate and protect some Rest resources.

 It uses withAuthorizationServerConfigurerAdapter, ResourceServerConfigurerAdapter

  and WebSecurityConfigurerAdapter combined with @PreAuthorize to configure the security.

  It also uses an H2 embeded database to authenticate the users.



Article on the project

USING SPRING OAUTH2 TO SECURE REST


External references

This project was inspired by all these references.

 Using JWT with Spring Security OAuth

 JWT authentication with Spring Web

 JWT Authentication Tutorial: An example using Spring Boot

 Spring Oauth2 with JWT Sample

 OAuth2 in depth: A step-by-step introduction for enterprises

 spring-auth-example


To Build and Run

Go to the cloned directory and run mvn spring-boot:run or build with your chosen IDE.


Curl Commands

You should install ./JQ before running these Curl commands.



To get a new token 




curl trusted-app:secret@localhost:8080/oauth/token -d "grant_type=password&username=user&password=password" | jq






To get a refresh token




curl trusted-app:secret@localhost:8080/oauth/token -d "grant_type=access_token&access_tokem=[ACCESS_TOKEN]" | jq






To access a protected resource




curl -H "Authorization: Bearer [ACCESS_TOKEN]" localhost:8080/api/hello







Register new Account




curl -H "Authorization: Bearer $(curl register-app:secret@localhost:8080/oauth/token -d "grant_type=client_credentials&client_id=register-app" | jq --raw-output ."access_token")" localhost:8080/api/register -H "Content-Type: application/json" -d '{"username":"new-user","password":"password","firstName":"First","lastName":"Last","email":"[email protected]"}' | jq









Curl sample commands

api/me



curl -H "Authorization: Bearer $(curl trusted-app:secret@localhost:8080/oauth/token -d "grant_type=password&username=user&password=password" | jq --raw-output ."access_token")" localhost:8080/api/me | jq