An introduction to the new experimental authorization server implementation - version 0.0.1

Подписаться 24 тыс.

Просмотров 2,3 тыс.

50% 1

The spring security authorization server team has released the very first version - 0.0.1 of the new experimental authorization server which will replace the existing way of creating an authorization server using the Spring Security OAuth project. Join me in this video to see what was implemented by now and test the features together.
Code on GitHub: github.com/lsp...

Опубликовано:

21 окт 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 18

@laurspilca 4 года назад

Code on GitHub: github.com/lspil/youtubechannel/tree/master/new-authorization-server-demo

@GughaGSrinivasan 2 года назад

👍 neat, simple, direct and clear

@toss5337 4 года назад

thanks a lots, really love to follow your tutorial, always detailed and easy to follow, any plans to make a series for spring reactive? very curious, cant wait 😁

@laurspilca 4 года назад

Thanks. Yes. Maybe later I'll also make some videos on reactive spring as well :)

@toss5337 4 года назад

@@laurspilca Great!, Thank you...

@АлександрБугримов-о1е 4 года назад

thank you very much for the video

@sitalsitoula6536 3 года назад

I am a bit confused. I reached the Oauth2 part in your Spring Security playlist. So, should I follow this tutorial instead because this will replace the one in the playlist?

@laurspilca 3 года назад

Hey. No. You should follow the playlist. At some point, I'll make a separate playlist about the new authorization server. In these videos, I presented the first version while they appeared. But mind that they were not even mentioned as being community supported yet. So things changed meanwhile.

@azeemmohammed6284 3 года назад

thanks alot for the video @Laurentiu , any plan u have to integrate with spring cloud gateway

@laurspilca 3 года назад

Thanks, Azeem. Good question. I'm not sure if it will be integrated with Spring Cloud. I didn't hear anything on this yet.

@KrishnaKumar-om5hv Год назад

Hi! I'm using springboot 2.7.11 and Authorization-server version 0.4.1 But I'm not able to find this class StaticKeyGeneratingKeyManager and not even the interface KeyManager. How should I proceed as the video no. 11 in your security playlist 2022 was not redirecting me to springone uri as mentioned, hence I came here to understand the basics of things not covered in video no. 11. Please tell how to proceed

@laurspilca Год назад

Hi. I do recommend you use the version 1.x. It is out now already and you find examples for using it in my Spring Security 2022 playlist.

@KrishnaKumar-om5hv Год назад

@@laurspilca Yes I've started with that but after haveing a lot of confusion in your video 11 due to mentioning things which you explained in a different playlist. But anyways thank you!

@haivungoc2426 4 месяца назад

Does the user authentication process always take place before client authentication, or can I customize it?

@laurspilca 4 месяца назад

Hello. Good question. Not sure if you can customize this. But what is the use case for that?

@haivungoc2426 4 месяца назад

@@laurspilca With the standard grant type, I don't need to care about that. For example, with authorization code grant type, after the user authentication code is returned, the client will use the code and client credential(client id, client secret) in the next request to get token as I observed in the video. However, in case I want to customize my own grant type, I don't know whether to authenticate the client or the user first, but I think client authentication first is more reasonable. I want to get more opinions from you?

@RahulBake-h1b 2 месяца назад

Hi @laurspilca, Can we user password as grant type and generate the token with username and password without client secret which is possible in previous version of spring security? Can you please help

@laurspilca 2 месяца назад

Hi. Password grant type is deprecated. Normally it's best you use authorization code instead.