Full Stack OAuth 2 - With Spring Security / React / Angular - Part 1

preview_player
Показать описание
In this live event, we discuss implementing authentication with OAuth 2 / Open ID Connect from backend to frontend. My guest, Liviu Bobocu, frontend expert, will help me prove the implementation of a frontend solution. This frontend solution will use a Spring-driven authorization and resource server.

What you'll learn:

- How to create a Spring Security authorization server using the new authorization server project
- How to configure a Spring Security resource server with JWT authentication
- How to build a React frontend client which authenticates using JWT
- How to build an Angular frontend client which authenticates using JWT
- Best practices for your authentication implementation on both backend and frontend

  1. Laur Spilca
Рекомендации по теме
OAuth 2 Explained 0:04:32

OAuth 2 Explained In Simple Terms

OAuth2 Login Made 0:13:05

OAuth2 Login Made Easy in Java: A Spring Boot & Spring Security Walkthrough

Full-Stack Implementation of 0:09:19

Full-Stack Implementation of OAuth 2 Authentication (Google & Facebook) with NextJS and NodeJS

OAuth 2.0 explained 0:10:03

OAuth 2.0 explained with examples

Full Stack OAuth 3:31:50

Full Stack OAuth 2 - With Spring Security / React / Angular - Part 1

Session vs Token 0:02:18

Session vs Token Authentication in 100 Seconds

Google OAuth 2.0 0:57:18

Google OAuth 2.0 With NodeJS (No Passport or googleapis)

Auth0 in 100 0:08:24

Auth0 in 100 Seconds // And beyond with a Next.js Authentication Tutorial

Google OAuth 2.0 0:05:04

Google OAuth 2.0 Login for React in 5 minutes

Setup Google OAuth 0:06:51

Setup Google OAuth sign in 6 minutes

oAuth for Beginners 0:10:43

oAuth for Beginners - How oauth authentication🔒 works ?

Fullstack OAuth2 - 0:26:35

Fullstack OAuth2 - Angular, Spring Boot & Keycloak

OAuth 2.0 Implementation 1:11:15

OAuth 2.0 Implementation with Spring Security and Spring Boot | Full Example

Fullstack 67 - 1:11:16

Fullstack 67 - Auth - Part 2: OAuth 2.0

Login / Signup 0:26:09

Login / Signup / SignIn with Google | OAuth2.0 | Using React and Express JS

What Is Single 0:04:54

What Is Single Sign-on (SSO)? How It Works

Login With Google 0:18:01

Login With Google Using React & Node - MERN Auth 2.0

Learn OAuth2.0 Authorization 0:55:58

Learn OAuth2.0 Authorization Server With Spring boot Setup | Latest | Beginner | Tutorial

Auth0 authentication in 0:12:52

Auth0 authentication in Reactjs using OAuth2

Build Auth Into 0:07:47

Build Auth Into Your Rust Web Application (OAuth2)

Full Stack OAuth 2:25:40

Full Stack OAuth 2 - With Spring Security / React / Angular - Part 2

DevOps Tutorial #6 1:02:32

DevOps Tutorial #6 - Deploying Full Stack Project (with Discord OAuth2) to ALL Servers

OAuth2 and Google 0:48:12

OAuth2 and Google to Protect Your Spring Security and Angular Application

Node.js App From 2:28:43

Node.js App From Scratch | Express, MongoDB & Google OAuth

Комментарии
Автор

Thank both of you, end to end implementation of Oauth2 with angular, looking forward for more sessions from you guys🙏

DHA
Автор

Thanks Laurentiu, I have read about the new Spring Auth Server in books and in the web but there aren't a lot of resources, even less creating the flow with modern frontend frameworks and even though I've read about using an off the shelf Oauth 2 server like Keycloak and also reading about Oauth2 in general I was still a little puzzled about the correct way to configure the new Spring Authorization Server. Looking forward to the next video.

Josharaya
Автор

i did not see the entire video but if it does what the titles says and it does completely without any missing code you are a real code master and i will watch all your coding videos starting now

aurelianr
Автор

Great experience in practice. Thanks a lot.

Talaria.School
Автор

Legendary session, eagerly waiting for upcoming events

devashish_yt
Автор

Thank you both of you, end to end implementation of spring oauth2 with angular 2. looking forward for more sessions.

ozaytunctan
Автор

thank you both, it would be better if you can add chapters to this video.

MonirRouissi
Автор

Best about this was the struggle... 😁 it's real!

buksvdl
Автор

Great content, thank you! Really looking forward to part 2! When are you going to post it?

stoianrobert
Автор

Hi Laurentiu, i am kind new to spring security what is code challenge? on the first request made to auth server

maqhobelakao
Автор

Q1.Can't we make custom client side login page in Single Page Application to authenticate user instead of server side authentication page Because I have often seen wether they are keycloak, Auth0, google, github, we have to redirect user to their login page .
Though We have a option to customize spring security default login page, Can't We create Login page on client side as we do in Password grant type?
Q2.If we can then how we will be sending authorization code on successfull login to client in response body. So, that client can fetch token using code.

kamalmohansinghrana
Автор

Thank you very much. I've learned a lot. Why spring has officially deprecated all Spring Security oauth dependencies? I've read all annoncements but Spring doesn't really explain the reason and also other articles which want to explain it only show alternatives. Would You suggest to use the new Spring Security Authorization Server in production? I've managed to build one (also thanks to your Turtorials) without using these useless, ,InMemoryDatabases" but it seems a lot more difficult compared to keycloak where I also could integrate Data from other system components such as Active Directory. In which scenarios would you use the open source project ?

jamilb
Автор

Hey Laurentiu, I saw the "pro tip for the spring developer" you did around Christmas in the manning website and I wanted to know where the rest of the videos in that series are at, specifically the unit / integration testing one you mentioned in that video going over testing mistakes, why constructor better for testing etc.. in spring boot.

Brian-kzvy
Автор

Hi Laurentiu, could you please explain why 2 beans of type SecurityFilterChains are needed in different @Configuration classes? And how does Spring know which one to use?

BinSlayer
Автор

At the bottom of your diagram at the call to the resource server it doesn't show maybe the most important thing. How does the resource server know that the authorization payload is valid!

pdn
Автор

1:04:38 what is this "code_challenge" thing and how to generate this code?

michal
Автор

Hey laurentiu. Should one be implementing an authorization server beginning with today. Would you recommend using the old stack with spring cloud or the new stack?

frankXCVI
Автор

hello, just did the entire implementation from scratch but used different ports, to see the interaction between all the security. I also changed all the necessary urls, yet it doesn't work, any idea why (ports 9000, 9090, 4200)

wulfhound
Автор

Thanks a lot for this video!

I have a question tho:
Looking at the first silde where the worklfow is presented, how does the Resource Server know that the Token presented to it by the Client is actually the right one?
Does this get stored somewhere?

LukeSchneider
Автор

Hi Laurentiu, thanks for your helpful videos, I learned a lot from them, but I still have two questions:
I'm currently trying to generate the challenge code in Angular, like Liviu did in react with crypto.js. the code verifier and the challenge code are generated in login component and stored in both sessionStorage and attribute but after login page of spring boot and redirecting the code identifier is null for some reason. can this be due to the redirectin?
If this is due to the redirecting, can I send the code challenge from angular to the spring boot with my own login page and where is it then stored in the backend?

omar-stnk