https://github.com/ims94/spring-boot-jwt-authorization

Example project to do role based access control (RBAC) using Spring Boot and JWT

authorization jwt jwt-authentication rbac rest-api role-based-access-control roles security single-page-app spring-boot spring-security


# Role Based Access Control (RBAC) with Spring Boot and JWT

This repo hosts the source code for the article [**Role Based Access Control (RBAC) with Spring Boot and JWT**](https://medium.com/geekculture/role-based-access-control-rbac-with-spring-boot-and-jwt-bc20a8c51c15?source=github_source).

This example project demonstrates how to use Spring Boot's built-in OAuth2 Resource Server to authenticate and
authorize REST APIs with JWT. First, we enable **JWT authentication**; second, we introduce
**Role Based Access Control (RBAC)** by mapping a roles claim in the JWT to granted authorities in Spring Security.

Furthermore, it provides a `/login` endpoint that generates and issues JWTs upon
successful login by users.

This approach is ideal as the
**backend for a single page application (SPA)** written using a frontend framework like
ReactJS, Angular, etc.

## Solution Overview

![Solution Overview](https://github.com/IMS94/spring-boot-jwt-authorization/blob/master/authorization_process.png?raw=true "Solution Overview")

## Role Based Access Control
An example of role based access control.

![RBAC Example](https://github.com/IMS94/spring-boot-jwt-authorization/blob/master/rbac_sample.png?raw=true "Solution Overview")

## JWT Authentication Overview

![Solution Overview](https://github.com/IMS94/spring-boot-jwt-authorization/blob/master/solution_overview.png?raw=true "Solution Overview")

## Getting Started

- Use `mvn clean install` in the project root directory to build the project.
- Run the main class, `com.example.springboot.jwt.JwtApplication`, to start the application.

## Endpoints

- `/login` -> Public endpoint which returns a signed JWT for valid user credentials (username/password)
- `/products` -> Contains several endpoints to add and remove product entities. Protected by JWT authentication and
authorized based on role.