Because of you @Java techie i passed last semester and on my way to pass this semester. Thanks a lot

4:16 out of all explanations I've read, this right here is the best

Basant sir is great helping lot of IT employees

No one can explained like this. Great job very clean 👌 I got both theoritical and practical knowledge

Excellent explaination ., Awesome Sir !! Many Thanks !!

It is crystal clear. Thank you so much! keep doing such videos.

This class was great! Thank you master!

if i want to know any concept i always prefer your channel 👍. the way you explain is good, it helps too

too simple explanation great sir thank you so much

Great session, really I got clarified all the queries in this video, thank you so much!

Thanks Basant .. For OAuth2 Example.

Amazing.. You explanation is to the point.. Like that.. 👍 I hope you upload new video regularly. 💙

Great great clear explanation! Thank you Boss

Nice explanation Sir..keep it up(This is Ranjan Das from Facebook😛)

Thank You, Your explanation is nice, I understood and did a simple OAuth application

your content is awesome as always..

Thanks Sir🙂 Helped me to understand. How authorization server generates token and resource server validates the same, could you please explain sir

Very nice bro. Splendid job

Nice explanation. Please do signout section as well.

Nice explanation. Awesome!

Great video Sir 👍👍👍

Good explanation , thanks

awesome demonstration sir, , kindly do the same okta with the Spring Boot 3 version , the older version not working properly, all the time got bad requests

Thank you!

Splendid job bro.

Can you please do one session on two or more microservices with oauth2

Hi bro , This video is really good about Oauth. Having some doubt on this, In the example we registered the local host app to Git hub as an oauth App and client id and client secret key generated. But in real time example Hacker rank with Git Hub login , Hacker rank registered as oauth app automatically post successful github login . How does it happen internally ? Can you explain the code for that ?

Hi @java Techie if possible can u please upload the video for how the Token is generated and what we need to use for encryption and decryption logic in which class need to write and give access.

Nice bro

Thank you😊

Amazing bhai saab😍😍

We can also do single sign on / security by passing using spring security right (http basic authentication) from one application to another by skipping actual login page /screen .

Nice video. Can you make a video using LinkedIn?

Very Good Explanation Basant.. so I guess most of company web applications are using OAuth token security only. Correct?

Make video on jwt also ;)

Hy, 'Java Techie' linke Tour explanations. Very clear and understandable. One question: What"s the Authentication-Code? Is this a random Nummer choosen by yourself? Thx, bye.

thanks sir

simple awesome

Hi.. As per the flow diagram after successful authentication only authorization server sends access token right? then how come access token send as cookie in login page before authentication ?

It means each user will add the Clinet application details in their githup profile.... Dynamically how to do sir.. Thanks for ur effort...

Sir please make a video how to create own identity provider

@EnableOAuth2Sso this got deprecated and the dependencies you have added in this video not available currently, I think to add OAuth2 in application process is changed. Could you please make a new video on this concept with updated version?

What is the authorization grant type used, authorization_code or implicit grant?

another question : why you added client security dependency ? spring security dependecncy will not work ? or we really need any of these dependency to create this application ?

Hi sir, Can you please explain one post request through postman how you will pass authentication information in the header.

What is the need of sending back the access token to github resource server which was given by github itself

How come the access token in the cookie before sign in to the GitHub account...while you were inspecting the elements

Hello. Very nice example. I have a question. I can see that the client I'd and secret string is directly configured in the spring boot app and that only helps an individual user to be authenticated by Github authorization server. What happens in a real time production grade project? Do we decouple this sensitive information and store it somewhere else. And what configuration we need to make if we want to access the restful api created in this example to be accessed by any user having valid github credential. I hope there is a way to dynamically use the users client I'd and secret key in the spring boot configuration

Hi Sir , needed the updated procedure of Spring security with OAuth2,ssince cloud security ,cloud Outh dependencies are not shown under dependencies of spring initializer,sir

I have one doubt, In this example we put our clent id and secrt id in our appliaction, which was taken from our git hub, 1)But real time like haker rank we cant put mannually right,?? 2) as per my assumption after validating username and password, doest github gave cleint id and scrt id return back to appliacation after succussfull login?? I have these doubt from so many days?? If in that case what we need to put in our yml file??

I tried this one ,successfully run application ,and getting login page but login by giving credentials getting error page "site can not be reached ".in application logs are also fine so not able to check exactly why i am getting error.Could you please guiding me on this.

Your way of teaching is awesome. I need a help, Actually I want to consume the services of Adobe analytics. I have retrieved all the essential data required but I am confused what to put in "security.oauth2.resource.user-info-uri" property. When I start my server then I am able to login but it stuck on that page only. Can you please help!

i am getting this error : error: redirect_uri_mismatch error_description: The redirect_uri MUST match the registered callback URL for this application. Please help, even though done same :/

Is it recommended to use in a real time Application I mean there is no secrecy of client id and client secret

@video 13.32 you mentioned that Access Token is sent from client . Could you please explain how the client generated access token ? Because we had configured only the Client Secret in the yml file.

I am getting a error --- field error in object 'resourceServerProperties' on field 'tokenInfoUri': rejected value [null]; missing.tokenInfoUri.resourceServerProperties.tokenInfoUri Please help me out

Could you guide how to cret a spring boot oauth 2 with keycloak for multitenant?

I am trying spring version 2.6.1 and even maven update.. i am unable to get resolved, kindly guide should i change to as you mentioned and or go with that. ?

i think access token should not deliver by browser which should pass in the backend

Can u please do vedio on Jaeger tracing

Great session , but i want same session with Spring MVC , is it possible ?

HI Basant, I really appreciate your effort, i learnt a lot regarding OAuth2, and mostly asked question in the interview. I tried your example, but it is giving me below exception, tried finding out from StackOverFlow, but no luck, Will you please give any hint or help? java.lang.IllegalStateException: Access token provider returned a null access token, which is illegal according to the contract.

after giving GitHub login credentials, i got page mentioned - you are redirect to authorised application, if your browser does support, click here, after click it is downloaded not further process failed

Hi Basant. Spring Boot just got updated to 2.3.4 Inspite of logging out of Github, why is it not asking for the credentials for the next subsequent login when I type the same url on another chrome tab? I dont want to restart the app

where you get this below url's.- accessTokenUri, userAuthorizationUri, userInfoUri. if i want to the same OAuth authentication for FB or any other authorization portal. where i can get this url's.

HI Basant I am getting below error after login ava.lang.IllegalStateException: Access token provider returned a null access token, which is illegal according to the contract.

One more question Is OAuth2 is also responsible for authentication !

Where we can see the user information after token got validated

Pls Zoom in your screen. Please explain the yml configuration parameters added Boot 2.4.1 doest have Spring Cloud Security enabled

How to do logout? Please explain.

How do we know if we are using 2 legged or 3 legged ?

Able to login but unable to logout

How the access token is getting generated by Authorization server and How Resource server is validating whether it is a correct access_token or not!

its Oauth 1 concept not Oauth 2

please remove ur clent id and secret from github repo

Hello, will the information (emails) be stored in local database?