/oidc-workshop-spring-io-2019

Workshop at Spring I/O 2019 on "Securing Microservices with OpenID Connect and Spring Security 5.1"

Primary LanguageJavaScriptApache License 2.0Apache-2.0

License Build Status

Securing Microservices with OpenID Connect and Spring Security 5.1 @ Spring I/O 2019

Spring IO Workshop 2019

Have you ever wondered what the heck is OpenID Connect and how it differs from OAuth 2.0? Are Grant Types, Flows, JOSE, JWT or JWK unknown beings for you? Then this workshop is a great opportunity for you to get to know all these things by getting your hands dirty in code using Spring Security 5.1.

This repository contains the complete material for workshop at Spring I/O 2019 on Securing Microservices with OpenID Connect and Spring Security 5.1

Workshop Contents

This workshop content is split up into the following parts:

Requirements for Hands-On Part

To start the workshop you need:

Setup Keycloak

Preparation: Setting up Keycloak as Identity Provider

Intro Labs

Intro Lab 1: Follow the OAuth 2.0 authorization code flow in detail

Intro Lab 2: Implementing a GitHub Client using common OAuth 2.0 providers

Hands-On Part Labs

The hands-on part of the workshop is split up into the following parts:

Lab 1: Implementing an OAuth2/OIDC resource server

Lab 2: Implementing an OAuth2/OIDC client (authorization code flow)

Lab 3: Implementing an OAuth2/OIDC client (client credentials flow)

Lab 4: Testing JWT tokens

License

Apache 2.0 licensed

Copyright (c) by 2019 Andreas Falk