If you’re struggling to set up a persistence-based OAuth2 module, consider trying
https://github.com/patternhelloworld/spring-oauth2-easyplus
- App-Token based easy OAuth2 implementation built to grow with Spring Boot
- Complete separation of the library and the client (Library : API, Client : DOC, Integration tester)
- Extensible: Supports multiple authorization servers and resource servers with this library.
- Hybrid Resource Servers Token Verification Methods: Support for multiple verification approaches, including API calls to the authorization server, direct database validation, and local JWT decoding.
- Immediate Permission (Authority) Check: Not limited to verifying the token itself, but also ensuring real-time validation of any updates to permissions in the database.
- Authentication management based on a combination of username, client ID, and App-Token : What is an App-Token? An App-Token is a new access token generated each time the same account logs in. If the token values are the same, the same access token is shared.
- Separated UserDetails implementation for Admin and Customer roles as an example. (This can be extended such as Admin, Customer, Seller and Buyer… by implementing UserDetailsServiceFactory)
- Authorization Code Flow with Optional PKCE, Authorization Consent and Single Page Application (XMLHttpRequest)
- ROPC for scenarios where accessing a browser screen on the server is either unavailable or impractical
- Application of Spring Rest Docs, Postman payloads provided
Top comments (0)