Explore the new OAuth 2.0 and OpenID Connect 1.0 support in Spring Security 5.0 through this comprehensive conference talk from Spring I/O 2018. Dive into the OAuth 2.0 Login feature, enabling users to log in using existing accounts from providers like GitHub or Google. Learn to set up OAuth 2.0 Login for a Spring Boot 2.0 sample application and configure custom user authority mapping for fine-grained authorization. Gain insights into client authentication, authorization, login patterns, scopes, core protocol endpoints, and user information handling. Follow along with a practical demonstration covering client registration, testing, and user configuration to implement secure and efficient authentication in your Spring applications.
Overview
Syllabus
Intro
Audience
Registration
Client Authentication
Authorization
Login Pattern
Scopes
Authentication
Description Field
Core Protocol Endpoints
User Info Endpoint
Username Attribute
JwkSetURI
Google OAuth
Demo
How did I work
Client Registration Repository
Testing
Custom Authority Mapping
User Configuration
Demonstration
Taught by
Spring I/O
Related Courses
-
Common Mistakes and Misconceptions in Web App Security Using OAuth 2.0 and OpenID Connect
-
OAuth All the Things - What Is OAuth 2.0?
-
Implementing Microservices Security Patterns & Protocols with Spring Security
-
Implementing an OAuth 2 Authorization Server with Spring Security - The New Way
-
How to Secure Your Spring Apps with Keycloak
-
Modern Authentication
