├── .gitignore ├── src └── main │ ├── resources │ └── config │ │ └── application.yml │ └── java │ └── com │ └── github │ └── oauth2 │ └── client │ ├── ResourceServerConfig.java │ └── ClientApplication.java ├── nbactions.xml ├── README.md └── pom.xml /.gitignore: -------------------------------------------------------------------------------- 1 | target/ 2 | !.mvn/wrapper/maven-wrapper.jar 3 | 4 | ### STS ### 5 | .apt_generated 6 | .classpath 7 | .factorypath 8 | .project 9 | .settings 10 | .springBeans 11 | 12 | ### IntelliJ IDEA ### 13 | .idea 14 | *.iws 15 | *.iml 16 | *.ipr 17 | 18 | ### NetBeans ### 19 | nbproject/private/ 20 | build/ 21 | nbbuild/ 22 | dist/ 23 | nbdist/ 24 | .nb-gradle/ 25 | 26 | ### VS Code ### 27 | .vscode 28 | -------------------------------------------------------------------------------- /src/main/resources/config/application.yml: -------------------------------------------------------------------------------- 1 | spring: 2 | application: 3 | name: spring-boot-oauth2-client 4 | mvc: 5 | favicon: 6 | enabled: false 7 | throw-exception-if-no-handler-found: true 8 | main: 9 | banner-mode: 'off' 10 | security: 11 | oauth2: 12 | resource: 13 | filter-order: 3 14 | client: 15 | authenticationScheme: header 16 | logging: 17 | level: 18 | # org.springframework.security: DEBUG 19 | 20 | server: 21 | port: 8081 22 | error: 23 | whitelabel: 24 | enabled: false -------------------------------------------------------------------------------- /nbactions.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | run 5 | 6 | jar 7 | 8 | 9 | process-classes 10 | org.codehaus.mojo:exec-maven-plugin:1.2.1:exec 11 | 12 | 13 | -classpath %classpath com.github.oauth2.client.ClientApplication 14 | java 15 | 16 | 17 | 18 | -------------------------------------------------------------------------------- /src/main/java/com/github/oauth2/client/ResourceServerConfig.java: -------------------------------------------------------------------------------- 1 | /* 2 | * To change this license header, choose License Headers in Project Properties. 3 | * To change this template file, choose Tools | Templates 4 | * and open the template in the editor. 5 | */ 6 | package com.github.oauth2.client; 7 | 8 | import org.springframework.context.annotation.Configuration; 9 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 10 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; 11 | import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter; 12 | import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer; 13 | 14 | /** 15 | * 16 | * @author Aldwin Delgado 17 | */ 18 | @Configuration 19 | @EnableResourceServer 20 | public class ResourceServerConfig extends ResourceServerConfigurerAdapter { 21 | 22 | @Override 23 | public void configure(HttpSecurity http) throws Exception { 24 | http 25 | .headers().frameOptions().disable() 26 | .and() 27 | .csrf().disable() 28 | .authorizeRequests() 29 | .anyRequest() 30 | .authenticated(); 31 | } 32 | 33 | @Override 34 | public void configure(ResourceServerSecurityConfigurer resources) throws Exception { 35 | resources.resourceId("sample-oauth"); 36 | } 37 | 38 | } 39 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Sample standalone OAuth2 resource server for Spring Boot (Client) 2 | 3 | The requesting method for token supports both ```json format``` and ```url-encoded format``` 4 | 5 | 6 | The token validity is currently 60secs. 7 | 8 | 9 | Update any of the ```clienId```/```clientPassword```/```tokenValidity``` to however you want. 10 | 11 | ## Other implementations 12 | * Using [JDBC](https://github.com/aldwindelgado/spring-boot-oauth2-client/tree/jdbc) with default token 13 | * Using [JDBC with JWT](https://github.com/aldwindelgado/spring-boot-oauth2-client/tree/jwt) as the token 14 | 15 | ## Running 16 | ```shell 17 | mvn clean package spring-boot:run 18 | ``` 19 | 20 | ## Request for a token 21 | Use any of the curl commands to request an access token. 22 | 23 | #### Using URL-Encoded Format 24 | ``` 25 | curl -X POST -H "Authorization: Basic YWNjb3VudDpwYXNzd29yZA==" -H "Content-Type: application/x-www-form-urlencoded" -v localhost:8080/oauth/token?grant_type=client_credentials 26 | ``` 27 | #### Using JSON Format 28 | ``` 29 | curl -X POST -H "Authorization: Basic YWNjb3VudDpwYXNzd29yZA==" -H "Content-Type: application/json" -d '{ "grant_type": "client_credentials" }' -v localhost:8080/oauth/token 30 | ``` 31 | ## Using token to protected resource 32 | ``` 33 | curl -H "Authorization: Bearer " -v localhost:8081 34 | ``` 35 | ## Authorization Server 36 | See [spring-boot-oauth2-server](https://github.com/aldwindelgado/spring-boot-oauth2-server) for running the oauth-server (authorization server) 37 | -------------------------------------------------------------------------------- /src/main/java/com/github/oauth2/client/ClientApplication.java: -------------------------------------------------------------------------------- 1 | /* 2 | * To change this license header, choose License Headers in Project Properties. 3 | * To change this template file, choose Tools | Templates 4 | * and open the template in the editor. 5 | */ 6 | package com.github.oauth2.client; 7 | 8 | import org.springframework.boot.SpringApplication; 9 | import org.springframework.boot.autoconfigure.SpringBootApplication; 10 | import org.springframework.context.annotation.Bean; 11 | import org.springframework.http.HttpStatus; 12 | import org.springframework.http.MediaType; 13 | import org.springframework.http.ResponseEntity; 14 | import org.springframework.security.authentication.AuthenticationManager; 15 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 16 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 17 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; 18 | import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationManager; 19 | import org.springframework.security.oauth2.provider.token.RemoteTokenServices; 20 | import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices; 21 | import org.springframework.web.bind.annotation.RequestMapping; 22 | import org.springframework.web.bind.annotation.RestController; 23 | 24 | /** 25 | * 26 | * @author Aldwin Delgado 27 | */ 28 | @SpringBootApplication 29 | @EnableResourceServer 30 | @EnableWebSecurity 31 | @RestController 32 | public class ClientApplication extends WebSecurityConfigurerAdapter { 33 | 34 | public static void main(String[] args) { 35 | SpringApplication.run(ClientApplication.class, args); 36 | } 37 | 38 | @RequestMapping( 39 | value = "/", 40 | produces = MediaType.APPLICATION_JSON_VALUE 41 | ) 42 | public ResponseEntity index() { 43 | return new ResponseEntity<>("{\"message\":\"Congrats, on unlocking the secret!\"}", HttpStatus.OK); 44 | } 45 | 46 | @RequestMapping( 47 | value = "/users", 48 | produces = MediaType.APPLICATION_JSON_VALUE 49 | ) 50 | public ResponseEntity anotherOne() { 51 | return new ResponseEntity<>("{\"message\":\"This is users page?\"}", HttpStatus.OK); 52 | } 53 | 54 | @Bean 55 | public ResourceServerTokenServices tokenServices() { 56 | RemoteTokenServices tokenServices = new RemoteTokenServices(); 57 | tokenServices.setClientId("account"); 58 | tokenServices.setClientSecret("password"); 59 | tokenServices.setCheckTokenEndpointUrl("http://localhost:8080/oauth/check_token"); 60 | return tokenServices; 61 | } 62 | 63 | @Override 64 | public AuthenticationManager authenticationManagerBean() throws Exception { 65 | OAuth2AuthenticationManager authenticationManager = new OAuth2AuthenticationManager(); 66 | authenticationManager.setTokenServices(tokenServices()); 67 | return authenticationManager; 68 | } 69 | 70 | } 71 | -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4.0.0 4 | com.github 5 | spring-boot-oauth2-client 6 | 1.0.0 7 | 8 | spring-boot-oauth2-client 9 | Sample OAuth2 resource server using Spring Boot 10 | 11 | 12 | org.springframework.boot 13 | spring-boot-starter-parent 14 | 1.5.6.RELEASE 15 | 16 | 17 | 18 | UTF-8 19 | UTF-8 20 | 1.8 21 | 22 | 23 | 24 | 25 | org.springframework.boot 26 | spring-boot-starter-web 27 | 28 | 29 | org.springframework.boot 30 | spring-boot-starter 31 | 32 | 33 | org.springframework.boot 34 | spring-boot-starter-logging 35 | 36 | 37 | 38 | 39 | org.springframework.boot 40 | spring-boot-starter-log4j2 41 | 42 | 43 | org.springframework.security.oauth 44 | spring-security-oauth2 45 | 46 | 47 | org.springframework.boot 48 | spring-boot-starter-actuator 49 | 50 | 51 | org.springframework.boot 52 | spring-boot-starter-security 53 | 54 | 55 | org.apache.commons 56 | commons-lang3 57 | 3.1 58 | jar 59 | 60 | 61 | javax.ws.rs 62 | javax.ws.rs-api 63 | 2.0 64 | jar 65 | 66 | 67 | org.json 68 | json 69 | 20160810 70 | jar 71 | 72 | 73 | org.apache.commons 74 | commons-exec 75 | 1.3 76 | jar 77 | 78 | 79 | 80 | 81 | 82 | 83 | org.springframework.boot 84 | spring-boot-maven-plugin 85 | 86 | 87 | 88 | --------------------------------------------------------------------------------