spring-oauth2-jwt-authoriza.../README.md

# Getting Started

## Obtaining an user access token

browse with navigator

http://localhost:8081/oauth2/authorize?response_type=code&client_id=client&redirect_uri=http://localhost:8081/login/oauth2/code/oidc-client&scope=openid%20profile%20read

```shell
$ read -s CODE
$ ACCESS_TOKEN=$(curl -v "http://localhost:8081/oauth2/token" --data-urlencode "grant_type=authorization_code" --data-urlencode "code=$CODE" --data-urlencode "redirect_uri=http://localhost:8081/login/oauth2/code/oidc-client" -H 'Content-Type: application/x-www-form-urlencoded' -u "client:secret" | jq -r .access_token | tee /dev/tty)
```

## Obtaining a client credential (machine to machine jwt token)

```shell
$ curl -v "http://localhost:8081/oauth2/token" --data-urlencode "grant_type=client_credentials" --data-urlencode "code=$CODE" --data-urlencode "redirect_uri=http://localhost:8081/login/oauth2/code/oidc-client" -H 'Content-Type: application/x-www-form-urlencoded' -u "client:secret" | jq
```

## Using access token

```shell
$ curl -v http://localhost:8081/ping -H "Authorization: Bearer $ACCESS_TOKEN"
```

### links

oidc endpoint 

http://localhost:8081/.well-known/openid-configuration
http://localhost:8081/.well-known/oauth-authorization-server


### Reference Documentation
For further reference, please consider the following sections:

* [Official Apache Maven documentation](https://maven.apache.org/guides/index.html)
* [Spring Boot Maven Plugin Reference Guide](https://docs.spring.io/spring-boot/docs/3.1.2/maven-plugin/reference/html/)
* [Create an OCI image](https://docs.spring.io/spring-boot/docs/3.1.2/maven-plugin/reference/html/#build-image)
* [Spring Security](https://docs.spring.io/spring-boot/docs/3.1.2/reference/htmlsinge/index.html#web.security)

### Guides
The following guides illustrate how to use some features concretely:

* [Securing a Web Application](https://spring.io/guides/gs/securing-web/)
* [Spring Boot and OAuth2](https://spring.io/guides/tutorials/spring-boot-oauth2/)
* [Authenticating a User with LDAP](https://spring.io/guides/gs/authenticating-ldap/)
Init commit 2023-08-15 18:49:21 +00:00			`# Getting Started`

feature: spring authorization server and resource server sample 2023-08-15 18:49:39 +00:00			`## Obtaining an user access token`

			`browse with navigator`

			`http://localhost:8081/oauth2/authorize?response_type=code&client_id=client&redirect_uri=http://localhost:8081/login/oauth2/code/oidc-client&scope=openid%20profile%20read`

			```shell
			`$ read -s CODE`
			`$ ACCESS_TOKEN=$(curl -v "http://localhost:8081/oauth2/token" --data-urlencode "grant_type=authorization_code" --data-urlencode "code=$CODE" --data-urlencode "redirect_uri=http://localhost:8081/login/oauth2/code/oidc-client" -H 'Content-Type: application/x-www-form-urlencoded' -u "client:secret" \| jq -r .access_token \| tee /dev/tty)`
			```

			`## Obtaining a client credential (machine to machine jwt token)`

			```shell
			`$ curl -v "http://localhost:8081/oauth2/token" --data-urlencode "grant_type=client_credentials" --data-urlencode "code=$CODE" --data-urlencode "redirect_uri=http://localhost:8081/login/oauth2/code/oidc-client" -H 'Content-Type: application/x-www-form-urlencoded' -u "client:secret" \| jq`
			```

			`## Using access token`

			```shell
			`$ curl -v http://localhost:8081/ping -H "Authorization: Bearer $ACCESS_TOKEN"`
			```

			`### links`

			`oidc endpoint`

			`http://localhost:8081/.well-known/openid-configuration`
			`http://localhost:8081/.well-known/oauth-authorization-server`


Init commit 2023-08-15 18:49:21 +00:00			`### Reference Documentation`
			`For further reference, please consider the following sections:`

			`* [Official Apache Maven documentation](https://maven.apache.org/guides/index.html)`
			`* [Spring Boot Maven Plugin Reference Guide](https://docs.spring.io/spring-boot/docs/3.1.2/maven-plugin/reference/html/)`
			`* [Create an OCI image](https://docs.spring.io/spring-boot/docs/3.1.2/maven-plugin/reference/html/#build-image)`
			`* [Spring Security](https://docs.spring.io/spring-boot/docs/3.1.2/reference/htmlsinge/index.html#web.security)`

			`### Guides`
			`The following guides illustrate how to use some features concretely:`

			`* [Securing a Web Application](https://spring.io/guides/gs/securing-web/)`
			`* [Spring Boot and OAuth2](https://spring.io/guides/tutorials/spring-boot-oauth2/)`
			`* [Authenticating a User with LDAP](https://spring.io/guides/gs/authenticating-ldap/)`