oidc1-on-secoauth2

Extends Spring Security OAuth2 to suport OpenID Connect (OIDC) 1.0. tonr/sparklr samples from SECOAUTH2 to work with ODIC.

This project is inspired by MITREid Connect and Nimbus OAuth 2.0 SDK w/ OpenID Connect, borrowed a lot of idea from them.

Getting Started

Spring framework dependencies

spring-* : 3.2.8.RELEASE
spring-security : 3.2.3.RELEASE
spring-security-oauth2 : 2.0.1.RELEASE

Build samples applications (command line)

"mvn package" in oidc1-on-secoauth2 directory will create three war files (tonr, sparklr, keyhole).

Run in eclipse

Import tonr, sparklr, keyhole and oidc-* projects with "Existing Maven projects" (Import -> Maven)
If necessary, change the "authServerUri" property in odic.properties.

Now you can deploy all 3 apps (tonr2, sparklr2, keyhole2) into your Servers environment!

OIDC features

Supported:

(2014-06-26)

ID token validation (partially) 3.1.3.7. ID Token Validation
(partially) 7. Self-Issued OpenID Provider

(2014-06-19)

Authorization Code Flow in Section 3.1.1 to 3.1.3.6 in OpenID Connect Core 1.0.
Plain JWT format for ID Token (Uses Nimbus JOSE JWT)

Working (Hopfully support soon):

ID Token Validation (Section 3.1.3.7)
Signed/Encrypted JWT
UserInfo (/userinfo) endpoint and claims (Section 5)

Not Yet Supported:

Implict Flow (Section 3.2), Hybrid Flow (Section 3.3)
Initiating Login from Third parties (Section 4)
OpenID Connect Discovery
OpenID Connect Dynamic Registration
Session Management

Next step

See this document how these sample apps works: OAuth2 Single Sign On with spring-security-oauth2

Project Name	Stars	Repos Using This	Packages Using This	Most Recent Commit	Total Releases	Latest Release	Open Issues	License	Language
Springall	24,478			5 months ago			26	mit	Java
循序渐进，学习Spring Boot、Spring Boot & Shiro、Spring Batch、Spring Cloud、Spring Cloud Alibaba、Spring Security & Spring Security OAuth2，博客Spring系列源码：https://mrbird.cc
Spring Security	7,539	16,215	1,011	18 hours ago	174	August 15, 2022	846	apache-2.0	Java
Spring Security
Jwt Spring Security Demo	2,534			3 years ago			2	mit	Java
A demo for using JWT (Json Web Token) with Spring Security and Spring Boot 2
Jasypt Spring Boot	2,325	352	104	3 months ago	29	August 29, 2021	22	mit	Java
Jasypt integration for Spring boot
Pac4j	2,241	146	129	3 days ago	96	September 08, 2022		apache-2.0	Java
Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Spring Boot Leaning	2,068			5 months ago			1		Java
Spring Boot 2.X 最全课程代码
Spring Security Oauth	1,869			20 days ago			9	mit	Java
Just Announced - "Learn Spring Security OAuth":
Tut Spring Security And Angular Js	1,671			22 days ago			92		TypeScript
Spring Security and Angular:: A tutorial on how to use Spring Security with a single page application with various backend architectures, ranging from a simple single server to an API gateway with OAuth2 authentication.
X Springboot	1,662			a month ago			1		Java
X-SpringBoot是一个轻量级的Java快速开发平台，能快速开发项目并交付【接私活利器】
Security Core	1,660	9,008	373	13 days ago	471	June 25, 2022		mit	PHP
Security provides an infrastructure for sophisticated authorization systems, which makes it possible to easily separate the actual authorization logic from so called user providers that hold the users credentials. It is inspired by the Java Spring framework.

Oidc1 On Secoauth2