-
https://docs.spring.io/spring-security/site/docs/current/reference/html/oauth2.html
-
https://docs.spring.io/spring-security/site/docs/current/reference/html5/
-
https://developer.okta.com/blog/2019/05/15/spring-boot-login-options
-
https://developer.okta.com/docs/guides/implement-oauth-for-okta/request-access-token/
-
https://developer.github.com/apps/building-oauth-apps/authorizing-oauth-apps/
-
https://github.com/AzureAD/azure-activedirectory-library-for-java
-
https://github.com/AzureAD/microsoft-authentication-library-for-java
-
https://docs.microsoft.com/en-us/azure/active-directory/develop/sample-v2-code
-
https://www.youtube.com/watch?v=WbnuwpSBXPs&list=PLAdzTan_eSPRlQ8t4TU5c-AB4SHV939M6&index=24&t=77s
-
https://github.com/jgrandja/oauth2-protocol-patterns We were using the "s1p-2019" branch
- https://medium.com/@abhinavsonkar/making-azure-ad-oidc-compliant-5734b70c43ff
- https://www.voitanos.io/blog/validating-azure-ad-generated-oauth-tokens
- AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet#609
- https://www.youtube.com/watch?v=EBdm683HdAo&list=PLAdzTan_eSPRlQ8t4TU5c-AB4SHV939M6&index=159&t=0s
- https://www.youtube.com/watch?v=RRMO4oNptoQ&list=PLAdzTan_eSPRlQ8t4TU5c-AB4SHV939M6&index=157&t=0s
- https://www.youtube.com/watch?v=ke13w8nab-k&list=PLAdzTan_eSPRlQ8t4TU5c-AB4SHV939M6&index=163&t=444s
-
note that okta implementation of authorization uses the client secret
-
https://developer.okta.com/blog/2020/01/23/pkce-oauth2-spring-boot