Skip to content

dickanirwansyah/spring-boot-OAuth2-and-SSO

Repository files navigation

Aplikasi Spring Boot OAuth2 Demo


Aplikasi Terdiri dari :
  • 1. demo-integrated-angular
  • 2. Spring-Cloud-OAuth2-SSO
  • 3. demo-integrated-Ngspringboot (Client App Angular 4)

A1. demo-integrated-angular : Dependencies

  • Web
  • JPA (Java Persistence Api)
  • MySQL DB
  • Spring-security-Oauth2
  • Spring-boot-starter-security

A2. demo-integrated-angular : Run File


$ mvn clean spring-boot:run

cara mendapatkan token *NOTE* client : clientGojekApp secret : mysecret client dan secret di ambil dari database

$ curl -X POST -vu clientGojekApp:mysecret 'http://localhost:10000/oauth/token?username=dickanirwansyah&password=rootroot&grant_type=password'

mendapatkan token
* Hostname was NOT found in DNS cache
*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 10000 (#0)
* Server auth using Basic with user 'clientGojekApp'
> POST /oauth/token?username=dickanirwansyah&password=rootroot&grant_type=password HTTP/1.1
> Authorization: Basic Y2xpZW50R29qZWtBcHA6bXlzZWNyZXQ=
> User-Agent: curl/7.35.0
> Host: localhost:10000
> Accept: */*
> 
< HTTP/1.1 200 
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: 0
< X-Frame-Options: DENY
< Cache-Control: no-store
< Pragma: no-cache
< Content-Type: application/json;charset=UTF-8
< Transfer-Encoding: chunked
< Date: Sun, 25 Feb 2018 01:49:26 GMT
< 
* Connection #0 to host localhost left intact
{"access_token":"bdbaddb6-56a8-45fc-9c9c-21df9eb5e30a","token_type":"bearer","refresh_token":"7dbf98ec-2977-4a64-995d-cf0305061c2e","expires_in":34828,"scope":"read write"}

Mendapatkan Token baru Refresh Token *Note* ambil refresh token dari token yang di atas
$ curl -X POST -vu clientGojekApp:mysecret 'http://localhost:10000/oauth/token?grant_type=refresh_token&refresh_token=7dbf98ec-2977-4a64-995d-cf0305061c2e'

Dapat Token Baru dari refresh token

* Hostname was NOT found in DNS cache
*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 10000 (#0)
* Server auth using Basic with user 'clientGojekApp'
> POST /oauth/token?grant_type=refresh_token&refresh_token=7dbf98ec-2977-4a64-995d-cf0305061c2e HTTP/1.1
> Authorization: Basic Y2xpZW50R29qZWtBcHA6bXlzZWNyZXQ=
> User-Agent: curl/7.35.0
> Host: localhost:10000
> Accept: */*
> 
< HTTP/1.1 200 
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: 0
< X-Frame-Options: DENY
< Cache-Control: no-store
< Pragma: no-cache
< Content-Type: application/json;charset=UTF-8
< Transfer-Encoding: chunked
< Date: Sun, 25 Feb 2018 01:59:32 GMT
< 
* Connection #0 to host localhost left intact
{"access_token":"ed7e8c30-8320-4f55-bea2-0f68f581129f","token_type":"bearer","refresh_token":"7dbf98ec-2977-4a64-995d-cf0305061c2e","expires_in":35999,"scope":"read write"}

Access ke restcontroller menggunakan access_token yang baru

$ curl -i -H 'Authorization: Bearer ed7e8c30-8320-4f55-bea2-0f68f581129f' http://localhost:10000/api/category/secure/list

Response jika berhasil

HTTP/1.1 200 
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Sun, 25 Feb 2018 02:03:35 GMT

[{"idcategory":1,"name":"chocolate ","description":"chocolate ice cream","valid":true}]

B1. Spring-Cloud-OAuth2-SSO : dependencies


  • Web
  • JPA
  • Cloud OAuth2
  • Cloud Security

B2. Spring-Cloud-OAuth2-SSO : Run File

$ mvn clean spring-boot:run

buka localhost:8080/

jika berhasil akan di redirect ke login github..

berhasil login maka muncul api