Using the experimental authorization server version 0.0.2 and the authorization code with PKCE!

Рет қаралды 6,764

Laur Spilca

Күн бұрын

Пікірлер: 17

@BinSlayer1 4 жыл бұрын

Awesome lesson Laurentiu! The PKCE explanation was great and you make it easily understandable. Thanks!

@laurspilca 4 жыл бұрын

Glad you liked it. I know you asked for it some time ago :)

@miscvideos47 3 жыл бұрын

Thanks a lot for this since there are very few tutorials on the new Spring Authorization Server! Small suggestion: could you please sort the videos in this playlist by upload date?

@manoranjaniiit 4 жыл бұрын

Great explanation of PKCE.

@Jawwad124 3 жыл бұрын

Please share more on this. I am trying to implement this for our project. But unable to get user roles in Resource server once user authorized.

@chriseteka 4 жыл бұрын

Great content Laurentiu, keep up the good works. I was trying out implementing an authorization server in a demo project, a project in which I intended to use reactive spring all through. I registered a user detail service but this time, using the ReactiveUserDetailService, which on like the usual UserDetailService returns a Mono from the loadUserByUsername(String s) method. Sadly the application refused to start on account that it could not find a bean of type UserDetailsService in context. Could anything be done about this or is there something I may be missing out on during the implementation?

@laurspilca 4 жыл бұрын

Hi Eteka. Honestly, I don't think the Spring Security OAuth project has ever been created to support reactive development. I saw that at least. Maybe it'll work with the new authorization server when it will be fully released.

@chriseteka 4 жыл бұрын

@@laurspilca Thanks for the response, I will stay updated in your channel.

@roman_mf Жыл бұрын

Hello Laur! Nowadays there is 1.1.0 already so things may be different back then, but what I've missed is how does the authorization server knows that code_verifier and code_challenge are required to be present as URL params? You didn't do any special configuration for this in your example.

@laurspilca Жыл бұрын

Hi. I recommend you watch the videos where I present the version 1.x in the Spring Security Fundamentals 2022 playlist on this channel.

@gsdsg9374 3 жыл бұрын

Hi Laurentiu, version 0.1.0 was released on 11 Feb. Seems that the new version broke your example. Now after submitting the GET request with the challenge code, instead of redirecting to the default login page (localhost:8080/login), there is now a 404 error. Any suggestions how I can fix this? Thanks

@laurspilca 3 жыл бұрын

Hi. Yes, my example is specifically for 0.0.2. We cannot assume any new version won't break the existing one because the authorization server is still experimental and doesn't guarantee backwards-compatibility yet. I will create soon a video for 0.1.0 and you will find it in the playlist dedicated for the experimental authorization server :) Cheers!

@gsdsg9374 3 жыл бұрын

@@laurspilca Thanks! Looking forward to the new video.

@laurspilca 3 жыл бұрын

@@gsdsg9374 Here's your video :) kzbin.info/www/bejne/Y2HCqKKBbKd4aas

@bhushanrohankar6017 Жыл бұрын

I am Having 3 Application for this I am building 1 authorization server for better communication and security. and also i want to do SSO on this 3 application where my authorization server will act as a Identity provider. my question is how can i inter-communicate with this 3 application means. 1. for A Service I authenticate the user and get access token then i want to communicate with B -service then how can i do this with access token ? 2. and one more scenario if someone logins into my B-service then i want to give access for other 2 services(A and C) ? 3. Implementing SSO with Authorization server is it possible ?