Spring Rest Service Oauth

A simple OAuth protected REST service built with Spring Boot and Spring Security OAuth
Alternatives To Spring Rest Service Oauth
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
Springall25,866
7 months ago29mitJava
循序渐进,学习Spring Boot、Spring Boot & Shiro、Spring Batch、Spring Cloud、Spring Cloud Alibaba、Spring Security & Spring Security OAuth2,博客Spring系列源码:https://mrbird.cc
Spring Security8,26516,2151,194a day ago215November 20, 2023911apache-2.0Java
Spring Security
Jasypt Spring Boot2,6903521622 months ago30December 15, 202240mitJava
Jasypt integration for Spring boot
Jwt Spring Security Demo2,534
4 years ago2mitJava
A demo for using JWT (Json Web Token) with Spring Security and Spring Boot 2
Pac4j2,361146154a day ago113November 22, 2023apache-2.0Java
Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
Spring Boot Leaning2,068
a year ago1Java
Spring Boot 2.X 最全课程代码
X Springboot2,031
5 days ago4Java
X-SpringBoot是一个轻量级的Java快速开发平台,能快速开发项目并交付【接私活利器】
Spring Security Oauth1,949
2 days ago23mitJava
Just Announced - "Learn Spring Security OAuth":
Security Core1,7649,00845324 days ago524November 30, 2023mitPHP
Symfony Security Component - Core Library
Spring Security React Ant Design Polls App1,705
2 months ago47Java
Full Stack Polls App built using Spring Boot, Spring Security, JWT, React, and Ant Design
Alternatives To Spring Rest Service Oauth
Select To Compare


Alternative Project Comparisons
Readme

Spring REST Service OAuth

Build Status

This is a simple REST service that provides a single RESTful endpoint protected by OAuth 2. The REST service is based on the Building a RESTful Web Service getting started guide. This project incorporates the new Java-based configuration support, now available in Spring Security OAuth 2.0. Please log any issues or feature requests to the Spring Security OAuth project.

Spring Projects

The following Spring projects are used in this sample app:

Build and Run

Use Gradle:

./gradlew clean build bootRun

Or Maven:

mvn clean package spring-boot:run

Usage

Test the greeting endpoint:

curl http://localhost:8080/greeting

You receive the following JSON response, which indicates you are not authorized to access the resource:

{
  "error": "unauthorized",
  "error_description": "An Authentication object was not found in the SecurityContext"
}

In order to access the protected resource, you must first request an access token via the OAuth handshake. Request OAuth authorization:

curl -X POST -vu clientapp:123456 http://localhost:8080/oauth/token -H "Accept: application/json" -d "password=spring&username=roy&grant_type=password&scope=read%20write&client_secret=123456&client_id=clientapp"

A successful authorization results in the following JSON response:

{
  "access_token": "ff16372e-38a7-4e29-88c2-1fb92897f558",
  "token_type": "bearer",
  "refresh_token": "f554d386-0b0a-461b-bdb2-292831cecd57",
  "expires_in": 43199,
  "scope": "read write"
}

Use the access_token returned in the previous request to make the authorized request to the protected endpoint:

curl http://localhost:8080/greeting -H "Authorization: Bearer ff16372e-38a7-4e29-88c2-1fb92897f558"

If the request is successful, you will see the following JSON response:

{
  "id": 1,
  "content": "Hello, Roy!"
}

After the specified time period, the access_token will expire. Use the refresh_token that was returned in the original OAuth authorization to retrieve a new access_token:

curl -X POST -vu clientapp:123456 http://localhost:8080/oauth/token -H "Accept: application/json" -d "grant_type=refresh_token&refresh_token=f554d386-0b0a-461b-bdb2-292831cecd57&client_secret=123456&client_id=clientapp"

SSL

To configure the project to run on HTTPS as shown in Building REST services with Spring, enable the https profile. You can do this by uncommenting the appropriate line in the application.properties file of this project. This will change the server port to 8443. Modify the previous requests as in the following command.

curl -X POST -k -vu clientapp:123456 https://localhost:8443/oauth/token -H "Accept: application/json" -d "password=spring&username=roy&grant_type=password&scope=read%20write&client_secret=123456&client_id=clientapp"

The -k parameter is necessary to allow connections to SSL sites without valid certificates or the self signed certificate which is created for this project.

Cloud Foundry Demo

The service is deployed to Pivotal Cloud Foundry and available for testing. Modify the previous commands to point to the following URL:

curl http://rclarkson-restoauth.cfapps.io/greeting
Popular Security Projects
Popular Spring Projects
Popular Security Categories

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Java
Security
Rest
Spring
Oauth
Cloud Foundry