Skip to content

robbertvanwaveren/oauth-gateway-exploration

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Spring Security OAuth 2.0 Gateway Exploration Example

This is the full source-code for the following blog post series.

No license is provided as it is only meant for learning purposes.

Set-up

The basic set-up we are going for is:

  • gateway at localhost:8080

  • dummy service at localhost:8081

  • keycloak at localhost:9090

run docker-compose up -d inside the keycloak directory to start a local keycloak server mapped to host port 9090

One-time Keycloak set-up

  • login with admin / admin

  • create a realm called service

  • a client called gateway

    • use valid redirect url: http://localhost:8080/*

    • select Access Type: confidential

    • save and click on the newly visible tab Credentials

  • Copy the Secret to the client-secret in the oauth-gateway application.yml

  • create a user for yourself to login with

  • create a role called dummy and assign it to your user

Running the services

run GatewayApplication to start the gateway

run DummyApplication to start the dummy backend service

Manual verification

Browse incognito to http://localhost:8080

  • login with the user you created

  • checkout the result (in case of a silent 401/403 failure, check for a WWW-Authenticate header in the response for a clue)

Note
In order to see one of the powers of OAuth-based AuthN/AuthZ, restart the Gateway and/or Dummy service and/or remove you Session Cookie stored in your browser (F12, Application, Cookies, http://localhost:8080, Clear All in Chrome) and refresh the page.
Note
If you just want to look at how the request with the token to the backend looks like, you could also just run netcat instead of the dummy-service using: nc -l localhost 8081

About

Spring Security OAuth 2.0 Gateway Exploration Example

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published