This project is an example of a microservices architecture built with Spring Boot, Spring Security OAuth2, Eureka Discovery, and Spring Cloud Gateway.
The system consists of 4 microservices that work together to handle authentication/authorization and securely route requests.
The microservices included in this solution are:
-
Discovery Server (
discovery-server)- Implements Eureka Server.
- Allows other microservices to dynamically register themselves.
- Centralizes service discovery.
-
Authorization Server (
auth-server)- Manages user login and the issuance of signed JWT tokens.
- Centralizes authentication and authorization.
- Clients (e.g., API Gateway) register here to use OAuth2.
-
API Gateway (
api-gateway)- Based on Spring Cloud Gateway.
- Responsible for routing requests to internal microservices.
- Requires a valid JWT token for all requests.
- Uses
TokenRelayto forward the token to downstream services.
-
User Service (
user-service)- A protected service with JWT validation.
- Exposes a simple endpoint returning hardcoded user information (for demo purposes).
- Does not directly depend on the Authorization Server thanks to JWT.
The recommended order to start the system is:
- Discovery Server
./gradlew :discovery-server:bootRun
- Authorization Server
./gradlew :auth-server:bootRun
- API Gateway
./gradlew :api-gateway:bootRun
- User Service
./gradlew :user-service:bootRun
Log in to the Authorization Server using an OAuth2 flow. Example (with client_id=oidc-client and client_secret=secret):
curl -X POST http://localhost:8090/oauth2/token \
-u oidc-client:secret \
-d "grant_type=client_credentials&scope=openid profile"The response will include an access_token (JWT).
Using the obtained token, send a request to the User Service through the API Gateway:
curl http://localhost:8080/users/john \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN_HERE"