How To Build Your Own JWT Authentication With Spring WebFlux And Spring Security

Hey, fam! In this tutorial, I'll demo how to use Spring Boot, Spring WebFlux, *and* Spring Security to build a custom authentication based on JSON Web Tokens (JWT).
Users can sign in using a username and password, and the application will exchange those for a JWT, which can be used to make authenticated requests.

⚡ Danger Zone ⚡
This code disables some sensitive defaults in Spring Security. Don't just blindly copy the code as is! Make sure you know what you are doing and understand the implications.
Also, if you spot any mistakes or you see me saying the wrong things, call me out for it in the comments!

Comments

Like somebody would say: "Works like a charm" - Thank you a lot, Alex!

felipeserrano

Thanks Alex, really educative and well presented content, helped me a lot

jirivrba

Your /login implementation is great♥👍. What's your opinion about handling /login in a different way? It goes to the Manager (to validate username & password) and then goes to the Provider (to form the JWT). So there is no need to define /login in a controller. That is how I am doing it right now, but I'm not sure whether it is a good or bad implementation. Because AFAIK in non-WebFlux security, there is no /login controller needed. So I think it should have the same flow as non-WebFlux.

ridhopratama

Thank you for the amazing job. I also want to see you coding Spring WebFlux security using GraphQL and explaining how to react when the JWT token expires. Thank you.

ismaild.

@Alex - This is useful to get started. It would be helpful if you had covered OAuth2 – Authorization Server, OAuth2 – Resource Server and OAuth2 protected REST resources separately. If this is too much to ask, then ignore :)

guruprashanth_k

Hi Alex.

Thank you so much for such a clear example.

I have some trouble with your code example. When an exception happens while a token is analyzed, I receive a 401 HTTP error with the header "WWW-Authorization=Basic realm ...". How can I cause it to send me the www-authorization=bearer?

borispliss

Are you using record or something new from Java 17? Coz the syntax was throwing me off.

faithfulolaleru

Hello, when I add firebase auth, the library does not appear. When I add storage, the library appears. Am auth does not appear. Help

Trigoter

How can we throw a custom exception when we get token-expired or invalid-signature?

awaisrashid

Hello Alex, can you please do it for Java?

josemendoza

Hi Alex

I tested: the parser of jjwt can automatically throw when the token is expired, so it's unnecessary for the user to check it.

taochen

This won't work if I'm using oauth2.resourceserverspec.jwt

massiveblackwood