OAuth 2.0 - Client Credential Flow - Client Authentication using Signed JWT

In this example, I am creating a client credential flow based client. The difference is unlike the traditional client secret, here I am using JWT signed by the client private key. In the authorization server when a request comes from the client, the authorization server will verify the signature of the JWT using client's public key.

There are two ways we can make available the client's public key to the authorization server

We can upload the client certificate to the authorization server
Or we can provide a Json Web Key Set (JWKS) url to the authorization server, where the client's public key will be available in the form of JSON Web Key Set.

In this example, I am using the latter one.

Note :

For the code to work following things are needed
- A key store in the form of JKS in the resources directory with the name keystore.jks
- A credentials.yaml file in the resources directory in the format of credentials.yaml.example
- Change the values inside the application.yaml according to your configuration
I used keycloak server for this project.

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
gradle/wrapper		gradle/wrapper
src/main		src/main
.gitattributes		.gitattributes
.gitignore		.gitignore
README.md		README.md
build.gradle.kts		build.gradle.kts
gradlew		gradlew
gradlew.bat		gradlew.bat
settings.gradle.kts		settings.gradle.kts

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

OAuth 2.0 - Client Credential Flow - Client Authentication using Signed JWT

About

Languages

nononsensecode/client-credential-flow-with-signed-jwt

Folders and files

Latest commit

History

Repository files navigation

OAuth 2.0 - Client Credential Flow - Client Authentication using Signed JWT

About

Topics

Resources

Stars

Watchers

Forks

Languages