Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/tinmegali/Oauth2-Stateless-Authentication-with-Spring-and-JWT-Token

Oauth2 Stateless Authentication with Spring and JWT Token
https://github.com/tinmegali/Oauth2-Stateless-Authentication-with-Spring-and-JWT-Token

h2-database oauth2 spring-boot spring-security spring-security-oauth2

Last synced: about 2 months ago
JSON representation

Oauth2 Stateless Authentication with Spring and JWT Token

Awesome Lists containing this project

README

        


Oauth2 Stateless Authentication with Spring and JWT Token



This project uses Spring Security to authenticate and protect some Rest resources.
It uses withAuthorizationServerConfigurerAdapter, ResourceServerConfigurerAdapter
and WebSecurityConfigurerAdapter combined with @PreAuthorize to configure the security.
It also uses an H2 embeded database to authenticate the users.

Article on the project


USING SPRING OAUTH2 TO SECURE REST

External references


This project was inspired by all these references.
  • Using JWT with Spring Security OAuth
  • JWT authentication with Spring Web
  • JWT Authentication Tutorial: An example using Spring Boot
  • Spring Oauth2 with JWT Sample
  • OAuth2 in depth: A step-by-step introduction for enterprises
  • spring-auth-example

    To Build and Run


    Go to the cloned directory and run mvn spring-boot:run or build with your chosen IDE.

    Curl Commands


    You should install ./JQ before running these Curl commands.

    To get a new token


    curl trusted-app:secret@localhost:8080/oauth/token -d "grant_type=password&username=user&password=password" | jq



    To get a refresh token


    curl trusted-app:secret@localhost:8080/oauth/token -d "grant_type=access_token&access_tokem=[ACCESS_TOKEN]" | jq



    To access a protected resource


    curl -H "Authorization: Bearer [ACCESS_TOKEN]" localhost:8080/api/hello


    Register new Account


    curl -H "Authorization: Bearer $(curl register-app:secret@localhost:8080/oauth/token -d "grant_type=client_credentials&client_id=register-app" | jq --raw-output ."access_token")" localhost:8080/api/register -H "Content-Type: application/json" -d '{"username":"new-user","password":"password","firstName":"First","lastName":"Last","email":"[email protected]"}' | jq



    Curl sample commands
    api/me

    curl -H "Authorization: Bearer $(curl trusted-app:secret@localhost:8080/oauth/token -d "grant_type=password&username=user&password=password" | jq --raw-output ."access_token")" localhost:8080/api/me | jq