leonavevor/oauth2-sso-demo

Simple OAuth2 SSO Demo with Spring Boot + Spring Security OAuth2

⚠️ Spring Boot 2.0 / Spring Security 5.0 version is here

OAuth2 SSO Demo with Spring Boot + Spring Security OAuth2

This demo app consists of following three components:

• Authorization ... OAuth2 Authorization Server
• Resource ... OAuth2 Resource Server. Provides REST API.
• UI ... Web UI using SSO based on OAuth2

Authorization Code Flow

Resource Owner Password Credentials Flow

Get an Access Token

$ curl -XPOST -u demo:demo localhost:9999/uaa/oauth/token -d grant_type=password -d username=user -d password=password
{"access_token":"00bc1b1a-36be-4884-855b-c7854d7b7915","token_type":"bearer","refresh_token":"06c522b3-66fc-4de1-9a0e-cd1765f8a0a2","expires_in":43199,"scope":"read write"}

Post a Resource

$ curl -H 'Authorization: Bearer 00bc1b1a-36be-4884-855b-c7854d7b7915' \
       -H 'Content-Type: application/json' \
       -d '{"text" : "Hello World!"}' \
       localhost:7777/api/messages
{"text":"Hello World!","username":"user","createdAt":"2016-05-16T12:48:39.466"}

Get Resources

$ curl -H 'Authorization: Bearer 00bc1b1a-36be-4884-855b-c7854d7b7915' localhost:7777/api/messages
[{"text":"Hello World!","username":"user","createdAt":"2016-05-16T12:48:39.466"}]

Variants

• JWT version
• Zuul integration using Ajax
• Use GitHub API instead of Authorization Server
• Use Google+ API instead of Authorization Server