mvn clean
mvn spring-boot:run
- After starting the application Click on Swagger-home
I used H2 DB Embedded Databases to get information about user, you can add user in data.sql
to secure methods, you can add the mapping in (ResourceServerConfiguration.java)
public void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.anonymous().disable()
.authorizeRequests()
.antMatchers(HttpMethod.OPTIONS).permitAll()
.antMatchers("/oauth/**").authenticated();
}
-
Type of authorization : L’autorisation via mot de passe (Resource Owner Password Credentials Grant)
-
La sécurisation et l'autorisation est pris en charge au niveau de la méthode par les annotations, en définissant les rôles globales une seule fois dans la classe de configuration (ResourceServerConfiguration).
oauth configurations : applications properties
config.oauth2.tokenTimeout=3600
config.oauth2.resource.id=*****
config.oauth2.clientID=*****
config.oauth2.clientSecret=*****
security.oauth2.client.grantType=*****
config.oauth2.accessTokenUri=*******
badr@hive.com | password
ayoub@hive.com | password
nidal@hive.com | password
- Use above given user details to login and generate the authorization token.
http://www.bubblecode.net/fr/2016/01/22/comprendre-oauth2/
https://dzone.com/articles/hashing-passwords-in-java-with-bcrypt
https://swagger.io/docs/specification/authentication/oauth2/