Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/tinmegali/Oauth2-Stateless-Authentication-with-Spring-and-JWT-Token
Oauth2 Stateless Authentication with Spring and JWT Token
https://github.com/tinmegali/Oauth2-Stateless-Authentication-with-Spring-and-JWT-Token
h2-database oauth2 spring-boot spring-security spring-security-oauth2
Last synced: about 2 months ago
JSON representation
Oauth2 Stateless Authentication with Spring and JWT Token
- Host: GitHub
- URL: https://github.com/tinmegali/Oauth2-Stateless-Authentication-with-Spring-and-JWT-Token
- Owner: tinmegali
- License: mit
- Created: 2017-06-20T23:32:36.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2018-10-02T08:50:57.000Z (about 6 years ago)
- Last Synced: 2024-08-01T09:23:07.671Z (5 months ago)
- Topics: h2-database, oauth2, spring-boot, spring-security, spring-security-oauth2
- Language: Java
- Size: 532 KB
- Stars: 108
- Watchers: 10
- Forks: 46
- Open Issues: 2
-
Metadata Files:
- Readme: readme.md
- License: LICENSE
Awesome Lists containing this project
README
Oauth2 Stateless Authentication with Spring and JWT Token
This project uses Spring Security to authenticate and protect some Rest resources.
It useswithAuthorizationServerConfigurerAdapter
,ResourceServerConfigurerAdapter
andWebSecurityConfigurerAdapter
combined with@PreAuthorize
to configure the security.
It also uses an H2 embeded database to authenticate the users.Article on the project
USING SPRING OAUTH2 TO SECURE RESTExternal references
This project was inspired by all these references.
To Build and Run
Go to the cloned directory and run
mvn spring-boot:run
or build with your chosen IDE.
Curl Commands
You should install ./JQ before running these Curl commands.
To get a new token
curl trusted-app:secret@localhost:8080/oauth/token -d "grant_type=password&username=user&password=password" | jq
To get a refresh token
curl trusted-app:secret@localhost:8080/oauth/token -d "grant_type=access_token&access_tokem=[ACCESS_TOKEN]" | jq
To access a protected resource
curl -H "Authorization: Bearer [ACCESS_TOKEN]" localhost:8080/api/hello
Register new Account
curl -H "Authorization: Bearer $(curl register-app:secret@localhost:8080/oauth/token -d "grant_type=client_credentials&client_id=register-app" | jq --raw-output ."access_token")" localhost:8080/api/register -H "Content-Type: application/json" -d '{"username":"new-user","password":"password","firstName":"First","lastName":"Last","email":"[email protected]"}' | jq
Curl sample commands
api/me
curl -H "Authorization: Bearer $(curl trusted-app:secret@localhost:8080/oauth/token -d "grant_type=password&username=user&password=password" | jq --raw-output ."access_token")" localhost:8080/api/me | jq