4:16 out of all explanations I've read, this right here is the best

Because of you @Java techie i passed last semester and on my way to pass this semester. Thanks a lot

Basant sir is great helping lot of IT employees

No one can explained like this. Great job very clean 👌 I got both theoritical and practical knowledge

Excellent explaination ., Awesome Sir !! Many Thanks !!

It is crystal clear. Thank you so much! keep doing such videos.

if i want to know any concept i always prefer your channel 👍. the way you explain is good, it helps too

awesome demonstration sir, , kindly do the same okta with the Spring Boot 3 version , the older version not working properly, all the time got bad requests

too simple explanation great sir thank you so much

Thanks Sir🙂 Helped me to understand. How authorization server generates token and resource server validates the same, could you please explain sir

This class was great! Thank you master!

Hi bro , This video is really good about Oauth. Having some doubt on this, In the example we registered the local host app to Git hub as an oauth App and client id and client secret key generated. But in real time example Hacker rank with Git Hub login , Hacker rank registered as oauth app automatically post successful github login . How does it happen internally ? Can you explain the code for that ?

Hi.. As per the flow diagram after successful authentication only authorization server sends access token right? then how come access token send as cookie in login page before authentication ?

Thanks Basant .. For OAuth2 Example.

@EnableOAuth2Sso this got deprecated and the dependencies you have added in this video not available currently, I think to add OAuth2 in application process is changed. Could you please make a new video on this concept with updated version?

Hello. Very nice example. I have a question. I can see that the client I'd and secret string is directly configured in the spring boot app and that only helps an individual user to be authenticated by Github authorization server. What happens in a real time production grade project? Do we decouple this sensitive information and store it somewhere else. And what configuration we need to make if we want to access the restful api created in this example to be accessed by any user having valid github credential. I hope there is a way to dynamically use the users client I'd and secret key in the spring boot configuration

Hi @java Techie if possible can u please upload the video for how the Token is generated and what we need to use for encryption and decryption logic in which class need to write and give access.

Can you please do one session on two or more microservices with oauth2

another question : why you added client security dependency ? spring security dependecncy will not work ? or we really need any of these dependency to create this application ?

Very nice bro. Splendid job

Nice explanation. Please do signout section as well.

We can also do single sign on / security by passing using spring security right (http basic authentication) from one application to another by skipping actual login page /screen .

What is the authorization grant type used, authorization_code or implicit grant?

Great session, really I got clarified all the queries in this video, thank you so much!

I have one doubt, In this example we put our clent id and secrt id in our appliaction, which was taken from our git hub, 1)But real time like haker rank we cant put mannually right,?? 2) as per my assumption after validating username and password, doest github gave cleint id and scrt id return back to appliacation after succussfull login?? I have these doubt from so many days?? If in that case what we need to put in our yml file??

It means each user will add the Clinet application details in their githup profile.... Dynamically how to do sir.. Thanks for ur effort...

Great great clear explanation! Thank you Boss

Thank You, Your explanation is nice, I understood and did a simple OAuth application

your content is awesome as always..

What is the need of sending back the access token to github resource server which was given by github itself

I am trying spring version 2.6.1 and even maven update.. i am unable to get resolved, kindly guide should i change to as you mentioned and or go with that. ?

@video 13.32 you mentioned that Access Token is sent from client . Could you please explain how the client generated access token ? Because we had configured only the Client Secret in the yml file.

Nice explanation. Awesome!

How come the access token in the cookie before sign in to the GitHub account...while you were inspecting the elements

Amazing.. You explanation is to the point.. Like that.. 👍 I hope you upload new video regularly. 💙

Nice explanation Sir..keep it up(This is Ranjan Das from Facebook😛)

Great video Sir 👍👍👍

Hy, 'Java Techie' linke Tour explanations. Very clear and understandable. One question: What"s the Authentication-Code? Is this a random Nummer choosen by yourself? Thx, bye.

Good explanation , thanks

I tried this one ,successfully run application ,and getting login page but login by giving credentials getting error page "site can not be reached ".in application logs are also fine so not able to check exactly why i am getting error.Could you please guiding me on this.

Hi sir, Can you please explain one post request through postman how you will pass authentication information in the header.

Sir please make a video how to create own identity provider

Hi Basant. Spring Boot just got updated to 2.3.4 Inspite of logging out of Github, why is it not asking for the credentials for the next subsequent login when I type the same url on another chrome tab? I dont want to restart the app

Hi Sir , needed the updated procedure of Spring security with OAuth2,ssince cloud security ,cloud Outh dependencies are not shown under dependencies of spring initializer,sir

Is it recommended to use in a real time Application I mean there is no secrecy of client id and client secret

Your way of teaching is awesome. I need a help, Actually I want to consume the services of Adobe analytics. I have retrieved all the essential data required but I am confused what to put in "security.oauth2.resource.user-info-uri" property. When I start my server then I am able to login but it stuck on that page only. Can you please help!

Hello, will the information (emails) be stored in local database?

Nice bro

HI Basant I am getting below error after login ava.lang.IllegalStateException: Access token provider returned a null access token, which is illegal according to the contract.

i am getting this error : error: redirect_uri_mismatch error_description: The redirect_uri MUST match the registered callback URL for this application. Please help, even though done same :/

where you get this below url's.- accessTokenUri, userAuthorizationUri, userInfoUri. if i want to the same OAuth authentication for FB or any other authorization portal. where i can get this url's.

after giving GitHub login credentials, i got page mentioned - you are redirect to authorised application, if your browser does support, click here, after click it is downloaded not further process failed

Could you guide how to cret a spring boot oauth 2 with keycloak for multitenant?

Great session , but i want same session with Spring MVC , is it possible ?

i think access token should not deliver by browser which should pass in the backend

Very Good Explanation Basant.. so I guess most of company web applications are using OAuth token security only. Correct?

I am getting a error --- field error in object 'resourceServerProperties' on field 'tokenInfoUri': rejected value [null]; missing.tokenInfoUri.resourceServerProperties.tokenInfoUri Please help me out

Nice video. Can you make a video using LinkedIn?

Splendid job bro.

How the access token is getting generated by Authorization server and How Resource server is validating whether it is a correct access_token or not!

One more question Is OAuth2 is also responsible for authentication !

Thank you!

Thank you😊

Can u please do vedio on Jaeger tracing

HI Basant, I really appreciate your effort, i learnt a lot regarding OAuth2, and mostly asked question in the interview. I tried your example, but it is giving me below exception, tried finding out from StackOverFlow, but no luck, Will you please give any hint or help? java.lang.IllegalStateException: Access token provider returned a null access token, which is illegal according to the contract.

Amazing bhai saab😍😍

Where we can see the user information after token got validated

Pls Zoom in your screen. Please explain the yml configuration parameters added Boot 2.4.1 doest have Spring Cloud Security enabled

Make video on jwt also ;)

How do we know if we are using 2 legged or 3 legged ?

simple awesome

How to do logout? Please explain.

thanks sir

Able to login but unable to logout

its Oauth 1 concept not Oauth 2

please remove ur clent id and secret from github repo