Authentication and authorization for Microservices with OAuth 2.0 (OAuth2) and OpenID Connect 1.0 (OIDC). This contains both, theory parts on all important concepts, and hands-on practice labs.
Table of Contents
- Workshop Tutorial
- Requirements and Setup
- Hands-On Workshop
- Feedback
- License
To follow the hands-on workshop please open the workshop tutorial.
For the hands-on workshop you will extend a provided sample application along with guided tutorials.
The components you will build (and use) look like this:
Please check out the complete documentation for the sample application before starting with the first hands-on lab.
All the code currently is build using
- Spring Boot 2.4.x Release
- Spring Framework 5.3.x Release
- Spring Security 5.4.x Release
- Spring Batch 4.3.x Release
All code is verified against the currently supported long-term version 11 of Java (The latest version 14 should work as well).
To check system requirements and setup for this workshop please follow the setup guide.
- Lab: Authorization Grant Flows in Action
- Demo: Authorization Code Grant Flow in Action
- Demo: A pre-defined OAuth2 client for GitHub
- Lab 1: OAuth2/OIDC Resource Server
- Lab 2: OAuth2/OIDC Web Client (Auth Code Flow)
- Lab 3: OAuth2/OIDC Batch Job Client (Client-Credentials Flow)
- Lab 4: OAuth2/OIDC Testing Environment
- Lab 5: OAuth2/OIDC Angular Client
- Demo: Multi-Tenant Resource Server
- Demo: OAuth2/OIDC Resource Server with Micronaut
- Demo: OAuth2/OIDC Resource Server with Quarkus
- Lab: Keycloak Testcontainers
Any feedback on this hands-on workshop is highly appreciated.
Just send an email to andreas.falk(at)novatec-gmbh.de or contact me via Twitter (@andifalk).
Apache 2.0 licensed