Simple bearer token authentication?
Question
I have a micro-service with REST API and I want to secure it with oidc token. This token is issued with our company authority. The use case is that user signs in with that authority and receives a jwt token, which he sends in every request. My service should validate that token with the authority and grant access to the user based on that validation. My question is how to do it with spring boot security, or if to you use spring boot for that at all. I looked everywhere on the internet and there are variety of use cases, but none seems to clarify how to achieve what I am trying to achieve. It seems like everybody is considering this use case too obvious to explain, but I am somehow still missing the point.
2 answers
solution1
2 2020-05-26 12:49:02
When you have to generate the token to connect secure API of your organization, in that case, you required the following details private.der file and rest properties need to set in order to generate the token, you refer the code for an example, the code may be written in simple java but no harm to use with spring boot. demo
keyAlgorithm=RSA
keyPath=private-stage.der
subject=
issuer=
audience=
claimKey=
claimValue=true
tokenExpiryFrequency=DAY
tokenExpiryUnit=1
clientId=
clientSecret=
jwtTokenUrl=
solution2
1 ACCPTED 2020-05-26 12:30:18
There is article https://www.baeldung.com/rest-api-spring-oauth2-angular
"Authorization server" is your company authority, you do not have to implement it.
You should focus on implementing "Resource server".
Also, Spring Boot comes with usage examples https://spring.io/guides/tutorials/spring-boot-oauth2/
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.