This Repo will help in understanding the Spring Security Architecture, important packages, interfaces, classes inside it which handles authentication and authorization requests in the web applications. It also covers most common security related topics like CORs, CSRF, JWT, OAUTH2, password management, method level security, user, roles & authorities management inside web applications.
- Spring Security framework details and it features
- How to adapt security for a Java web application using Spring Security
- Password Management in Spring Security with PasswordEncoders
- Deep dive about encoding, encryption and hashing
- What is CSRF, CORS and how to address them
- What is Authentication and Authorization. How they are different from each other.
- Securing endpoint URLs inside web applications using Ant, MVC & Regex Matchers
- Filters in Spring Security and how to write own custom filters
- Deep dive about JWT (JSON Web Tokens) and the role of them inside Authentication & Authorization
- Deep dive about OAUTH2 and various grant type flows inside OAUTH2.
- Deep dive about OpenID Connect & how it is related to OAUTH2
- Applying authorization rules using roles, authorities inside a web application using Spring Security
- Method level security in web/non-web applications
- Social Login integrations into web applications
- Set up of Authorization Server using KeyCloak
- Good understanding on Java and Spring concepts
- Basic understanding on SpringBoot & REST services is a bonus but not mandatory
- Interest to learn and explore about Spring Security
- Spring website to generate projects - https://start.spring.io/
- Spring Website - https://spring.io/
- Spring Projects website - https://spring.io/projects
- Spring Boot properties - https://docs.spring.io/spring-boot/docs/current/reference/html/application-properties.html
- AWS website - https://aws.amazon.com/
- SQLECTRON website - https://sqlectron.github.io
- Free MySQL DB website - https://www.freemysqlhosting.net
- OAuth2 Website - https://oauth.net/2/
- OAuth2 playground - https://www.oauth.com/playground/
- KeyCloak website - https://www.keycloak.org
- KeyCloak Download page - https://www.keycloak.org/downloads
- KeyCloak setup - https://www.keycloak.org/getting-started/getting-started-zip
- KeyCloak guides - https://www.keycloak.org/guides
- KeyCloak Well known APIs - http://localhost:8180/realms/eazybankdev/.well-known/openid-configuration
- Angular Keycloak library - https://www.npmjs.com/package/keycloak-angular
- Keycloak official documentation - https://www.keycloak.org/documentation
- Keycloak Admin REST APIs - https://www.keycloak.org/docs-api/19.0.2/rest-api/index.html
Welcome to the Modern Authentication with Spring Boot 3.0, OAuth2.0, and Social Logins repository! This project focuses on implementing cutting-edge authentication techniques in Spring Boot 3.0, utilizing the power of OAuth2.0. With the integration of social login providers like GitHub, Facebook, and Google, this project aims to enhance both security and user experience.
Authentication is a critical aspect of any application, and with the evolution of Spring Boot to version 3.0, we bring you a comprehensive authentication solution. This project showcases the following key features:
- Security with OAuth2.0: Leverage the robust OAuth2.0 framework to ensure secure authentication and authorization flows.
- Social Logins Integration: Enable users to log in effortlessly using their GitHub, Facebook, or Google accounts. This feature not only enhances user experience but also minimizes friction during the sign-up process..
To get started with this project:
-
Clone this repository to your local machine using the following command:
git clone https://github.com/your-username/AuthSpring3-SocialAuth.git -
Navigate to the project directory:
cd AuthSpring3-SocialAuth -
Follow the installation instructions provided in the project's documentation to set up the required dependencies and configurations.
Detailed instructions and code snippets are provided in the project's documentation to guide you through the implementation of modern authentication with Spring Boot 3.0 and OAuth2.0. Additionally, you'll find steps for integrating social login providers such as GitHub, Facebook, and Google.
We welcome contributions from the community! If you find a bug, have an enhancement idea, or want to contribute in any other way, feel free to open issues and pull requests in this repository.
This project is licensed under the MIT License. See the LICENSE file for more information.