https://github.com/miller79/spring-security-demo

Demonstrates how to use Spring Security with common production patterns.
https://github.com/miller79/spring-security-demo

java oauth2 security spring spring-boot spring-framework spring-security

Last synced: 12 months ago
JSON representation

Demonstrates how to use Spring Security with common production patterns.

• Host: GitHub
• URL: https://github.com/miller79/spring-security-demo
• Owner: miller79
• License: mit
• Created: 2024-08-03T03:51:34.000Z (almost 2 years ago)
• Default Branch: main
• Last Pushed: 2025-06-01T12:41:05.000Z (about 1 year ago)
• Last Synced: 2025-06-07T15:05:09.786Z (about 1 year ago)
• Topics: java, oauth2, security, spring, spring-boot, spring-framework, spring-security
• Language: Java
• Homepage:
• Size: 262 KB
• Stars: 5
• Watchers: 1
• Forks: 2
• Open Issues: 6
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# Spring Security Demo

- [Spring Security Demo](#spring-security-demo)

  - [Introduction](#introduction)

  - [Architecture](#architecture)

    - [Introduction](#introduction-1)

    - [main-api-servlet](#main-api-servlet)

    - [main-api-reactive](#main-api-reactive)

    - [microservice](#microservice)

    - [Diagram](#diagram)

  - [Resources](#resources)

## Introduction

This repository is created to demonstrate how to create a Spring Security application that uses OAuth 2.0 with custom security Authorization rules. The main focuses of this repository include the following:

- How to secure an API with OAuth 2.0

- How to customize Roles from the JWT token

- How to add custom Roles from another source

- How to pass the Authorization down to another microservice

- How to call another microservice using client credentials

- Utilizing only Spring to accomplish each task

## Architecture

### Introduction

This project contains 3 applications, two that represent the servlet and reactive approach to creating an API and one that is a basic secured microservice that the first two services call.

### main-api-servlet

This application is an API created using Spring Boot using a servlet approach. This application provides endpoints that provide demos including the following:

- RestClient and RestTemplate

- Method Level Security

- Custom Security Filters

- Integration tests using the following:

  - MockMvc

  - MockRestServiceServer

  - MockServerRestClientCustomizer

  - WithMockUser

### main-api-reactive

This application is an API created using Spring Boot using a reactive approach. This application provides endpoints that provide demos including the following:

- WebClient

- Method Level Security

- Custom Security Filters

- Integration tests using the following:

  - OkHttp

  - WithMockUser

### microservice

This application is a simple Spring Boot microservice using a reactive approach that contains one endpoint that is secured using OAuth 2.0. It demonstrates how to set it up and how to perform an integration test.

### Diagram

![spring-security-diagram](resources/plantuml/spring-security-diagram/Spring%20Security%20Diagram.png)

![spring-security-interaction-diagram](resources/plantuml/spring-security-interaction-diagram/Spring%20Security%20Interaction%20Diagram.png)

## Resources

- [Spring Boot Reference Documentation](https://docs.spring.io/spring-boot/index.html)

- [Spring Framework Reference Documentation](https://docs.spring.io/spring-framework/reference/index.html)

- [Spring Security Reference Documentation](https://docs.spring.io/spring-security/reference/index.html)