OAuth 2 Centralized Authorization with Spring Boot 2.0.2 and Spring Security 5 and JDBC token store

Ahmed Akourtim
May 31, 2018

In this post we will see how to use Spring Boot 2 together with Spring Security 5 OAuth2 to implement an authorization server for centralized authorization, and how to administer it through a GUI. A resource server demo is also provided, and the whole project is available on GitHub.

A lot of examples cover the implementation of OAuth2 using in-memory tokens, based on earlier versions of Spring Boot 2 and Spring Security 5, so the idea here is to use a MySQL database as a token store.

To get deep into the topic we will have to:

  • Configure Spring Security.
  • Configure the database.
  • Create an Authorization Server.
  • Create a Resource Server.
  • Get a secured resource with an access token, using a curl client.

What is OAuth 2?

OAuth 2.0 is the industry-standard protocol for authorization. OAuth 2.0 supersedes the work done on the original OAuth protocol created in 2006. OAuth 2.0 focuses on client developer simplicity while providing specific authorization flows for web applications, desktop applications, mobile phones, and living room devices. This specification and its extensions are being developed within the IETF OAuth Working Group.

OAuth 2 roles
