Skip to content
Workshop at Spring I/O 2019 on "Securing Microservices with OpenID Connect and Spring Security 5.1"
JavaScript Java HTML Shell
Branch: master
Clone or download
Latest commit cf95849 May 18, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
docs update docs May 16, 2019
gradle/wrapper fix tests and update gradle version Apr 19, 2019
intro-labs update lab 4 May 12, 2019
lab1 update readme May 12, 2019
lab2 update readme May 12, 2019
lab3 update lab 4 May 12, 2019
lab4 update lab 4 May 12, 2019
setup_keycloak update readme May 12, 2019
.gitignore add keycloak configuration May 6, 2019
.travis.yml add jdk9 build May 13, 2019
LICENSE Initial commit Mar 21, 2019
README.md update docs May 18, 2019
Securing_Microservices_OpenID_Connect_Spring_Security_5_1.pdf update docs May 16, 2019
gradlew
gradlew.bat fix tests and update gradle version Apr 19, 2019
settings.gradle update lab 4 May 12, 2019

README.md

License Build Status

Securing Microservices with OpenID Connect and Spring Security 5.1 @ Spring I/O 2019

Spring IO Workshop 2019

Have you ever wondered what the heck is OpenID Connect and how it differs from OAuth 2.0? Are Grant Types, Flows, JOSE, JWT or JWK unknown beings for you? Then this workshop is a great opportunity for you to get to know all these things by getting your hands dirty in code using Spring Security 5.1.

This repository contains the complete material for workshop at Spring I/O 2019 on Securing Microservices with OpenID Connect and Spring Security 5.1

Workshop Contents

This workshop content is split up into the following parts:

Requirements for Hands-On Part

To start the workshop you need:

Setup Keycloak

Preparation: Setting up Keycloak as Identity Provider

Intro Labs

Intro Lab 1: Follow the OAuth 2.0 authorization code flow in detail

Intro Lab 2: Implementing a GitHub Client using common OAuth 2.0 providers

Hands-On Part Labs

The hands-on part of the workshop is split up into the following parts:

Lab 1: Implementing an OAuth2/OIDC resource server

Lab 2: Implementing an OAuth2/OIDC client (authorization code flow)

Lab 3: Implementing an OAuth2/OIDC client (client credentials flow)

Lab 4: Testing JWT tokens

License

Apache 2.0 licensed

Copyright (c) by 2019 Andreas Falk

You can’t perform that action at this time.