How do I handle OAuth2 in back-end microservices and front-end? - spring-boot

I’m developing back-end services and securing them using my custom OAuth server. At the front-end I’m planning to support Facebook, Google, and username and password OAuth. How can I implement this using Spring Boot?

Spring Boot and OAuth2
This tutorial demonstrates how to create a Spring Boot app that leverages OAuth2 authorization via Facebook and GitHub.
Spring Boot + Spring Security + OAuth2 + Microservices
This tutorial demonstrates how to create a microservices architecture with a Spring Boot stack that separates your concerns into the following apps: UI, Auth, Resource.

Related

Can Spring Security OAuth2 Authorization Server scale horizontally?

I need to handle authentication of hundreds of thousands of users.
For the moment I have a bunch of microservices and a single Spring Boot app configured as a Spring Security OAuth2 Authorization Server.
Does Spring Security OAuth2 Authorization Server support horizontal scaling?
(for example, Dockerize that Spring Security OAuth2 Authorization Server and use AWS ECS to launch multiple instances)
I couldn't find any official Spring Security OAuth2 documentation talking about scalability.

Migrating from Spring Boot Oauth2 to Spring Security 5

Today I'm using Spring Boot OAuth2 to grant correct use of OAuth2 in my project, so I have the following:
I have API A calling API B.
API A generates a JWT token and calls API B.
API B validates the JWT token in two ways: online (introspection) and offline (with RSA keys).
So, migrating to Spring Security 5, I ran into the following problems:
I didn't find any samples (https://github.com/spring-projects/spring-security/tree/master/samples/boot) using Spring Cloud OpenFeign. All of my project uses it (Feign), and changing to Spring WebClient can be very problematic.
The documentation just talks about WebClient (https://docs.spring.io/spring-security/site/docs/current/reference/html5/#oauth2client), nothing about RestTemplate or Feign.
Joe Grandja wrote an OAuth2 application and the corresponding migrated Spring Security application.
You can check the examples here:
Spring Security OAuth 2.4 Migration Sample
Also, docs about configuring Spring Security are here:
OAuth 2.0 Resource Server

How to secure different Spring Boot rest APIs Using OAuth2

I want to secure different Spring Boot REST APIs using an OAuth2 authorization server.
What is the best solution to achieve this?

Secure Rest Apis Using Okta + Oauth

Currently I am creating REST APIs in Spring Boot. I want to secure those APIs using Okta with OAuth.
Can anyone help on this?
You can use Okta's Spring Boot Starter for this. https://github.com/okta/okta-spring-boot
Warning: there is an issue where you can't use devtools with this starter.

How can I integrate spring security with rest oauth2 services and spring social?

I have an app (A) exposing REST services secured with OAuth2 (spring security oauth2/spring-web).
I want to create a second app (B) (spring-boot or normal spring), from where I can log in and then call the REST services from A.
How can I configure security in app B so I can use both social login (Facebook, Twitter, Google) and call REST services from app A? Is there an example using spring security/oauth/social integration?
I've found some examples but none says how to integrate them.
Have you tried the Spring OAuth2 tutorial with FB and Google login? This also includes a local login. All code is available in git from the link in the right column of the tutorial.
