Spring Security - OAuth2 Example Using GitHub | SpringBoot | Java Techie 

Basant sir is great helping lot of IT employees

Because of you @Java techie i passed last semester and on my way to pass this semester. Thanks a lot

4:16 out of all explanations I've read, this right here is the best

No one can explained like this. Great job very clean 👌 I got both theoritical and practical knowledge

It is crystal clear. Thank you so much! keep doing such videos.

Excellent explaination ., Awesome Sir !! Many Thanks !!

This class was great! Thank you master!

if i want to know any concept i always prefer your channel 👍. the way you explain is good, it helps too

too simple explanation great sir thank you so much

Thanks Basant .. For OAuth2 Example.

Nice explanation Sir..keep it up(This is Ranjan Das from Facebook😛)

Nice explanation. Please do signout section as well.

your content is awesome as always..

Great session, really I got clarified all the queries in this video, thank you so much!

Amazing.. You explanation is to the point.. Like that.. 👍 I hope you upload new video regularly. 💙

Very nice bro. Splendid job

Great great clear explanation! Thank you Boss

Thank You, Your explanation is nice, I understood and did a simple OAuth application

awesome demonstration sir, , kindly do the same okta with the Spring Boot 3 version , the older version not working properly, all the time got bad requests

Nice explanation. Awesome!

another question : why you added client security dependency ? spring security dependecncy will not work ? or we really need any of these dependency to create this application ?

Thanks Sir🙂 Helped me to understand. How authorization server generates token and resource server validates the same, could you please explain sir

Good explanation , thanks

Hi bro , This video is really good about Oauth. Having some doubt on this, In the example we registered the local host app to Git hub as an oauth App and client id and client secret key generated. But in real time example Hacker rank with Git Hub login , Hacker rank registered as oauth app automatically post successful github login . How does it happen internally ? Can you explain the code for that ?

Very Good Explanation Basant.. so I guess most of company web applications are using OAuth token security only. Correct?

Hello. Very nice example. I have a question. I can see that the client I'd and secret string is directly configured in the spring boot app and that only helps an individual user to be authenticated by Github authorization server. What happens in a real time production grade project? Do we decouple this sensitive information and store it somewhere else. And what configuration we need to make if we want to access the restful api created in this example to be accessed by any user having valid github credential. I hope there is a way to dynamically use the users client I'd and secret key in the spring boot configuration

Hi @java Techie if possible can u please upload the video for how the Token is generated and what we need to use for encryption and decryption logic in which class need to write and give access.

Nice video. Can you make a video using LinkedIn?

Hy, 'Java Techie' linke Tour explanations. Very clear and understandable. One question: What"s the Authentication-Code? Is this a random Nummer choosen by yourself? Thx, bye.

@EnableOAuth2Sso this got deprecated and the dependencies you have added in this video not available currently, I think to add OAuth2 in application process is changed. Could you please make a new video on this concept with updated version?

Hi.. As per the flow diagram after successful authentication only authorization server sends access token right? then how come access token send as cookie in login page before authentication ?

Can you please do one session on two or more microservices with oauth2

Great video Sir 👍👍👍

What is the authorization grant type used, authorization_code or implicit grant?

Hello, will the information (emails) be stored in local database?

Thank you!

I have one doubt, In this example we put our clent id and secrt id in our appliaction, which was taken from our git hub, 1)But real time like haker rank we cant put mannually right,?? 2) as per my assumption after validating username and password, doest github gave cleint id and scrt id return back to appliacation after succussfull login?? I have these doubt from so many days?? If in that case what we need to put in our yml file??

I am trying spring version 2.6.1 and even maven update.. i am unable to get resolved, kindly guide should i change to as you mentioned and or go with that. ?

Splendid job bro.

We can also do single sign on / security by passing using spring security right (http basic authentication) from one application to another by skipping actual login page /screen .

Thank you😊

Is it recommended to use in a real time Application I mean there is no secrecy of client id and client secret

It means each user will add the Clinet application details in their githup profile.... Dynamically how to do sir.. Thanks for ur effort...

Make video on jwt also ;)

where you get this below url's.- accessTokenUri, userAuthorizationUri, userInfoUri. if i want to the same OAuth authentication for FB or any other authorization portal. where i can get this url's.

Sir please make a video how to create own identity provider

What is the need of sending back the access token to github resource server which was given by github itself

Hi sir, Can you please explain one post request through postman how you will pass authentication information in the header.

Nice bro

Amazing bhai saab😍😍

@video 13.32 you mentioned that Access Token is sent from client . Could you please explain how the client generated access token ? Because we had configured only the Client Secret in the yml file.

How come the access token in the cookie before sign in to the GitHub account...while you were inspecting the elements

Hi Basant. Spring Boot just got updated to 2.3.4 Inspite of logging out of Github, why is it not asking for the credentials for the next subsequent login when I type the same url on another chrome tab? I dont want to restart the app

Hi Sir , needed the updated procedure of Spring security with OAuth2,ssince cloud security ,cloud Outh dependencies are not shown under dependencies of spring initializer,sir

I tried this one ,successfully run application ,and getting login page but login by giving credentials getting error page "site can not be reached ".in application logs are also fine so not able to check exactly why i am getting error.Could you please guiding me on this.

Your way of teaching is awesome. I need a help, Actually I want to consume the services of Adobe analytics. I have retrieved all the essential data required but I am confused what to put in "security.oauth2.resource.user-info-uri" property. When I start my server then I am able to login but it stuck on that page only. Can you please help!

I am getting a error --- field error in object 'resourceServerProperties' on field 'tokenInfoUri': rejected value [null]; missing.tokenInfoUri.resourceServerProperties.tokenInfoUri Please help me out

i am getting this error : error: redirect_uri_mismatch error_description: The redirect_uri MUST match the registered callback URL for this application. Please help, even though done same :/

One more question Is OAuth2 is also responsible for authentication !

Great session , but i want same session with Spring MVC , is it possible ?

i think access token should not deliver by browser which should pass in the backend

Could you guide how to cret a spring boot oauth 2 with keycloak for multitenant?

after giving GitHub login credentials, i got page mentioned - you are redirect to authorised application, if your browser does support, click here, after click it is downloaded not further process failed

HI Basant I am getting below error after login ava.lang.IllegalStateException: Access token provider returned a null access token, which is illegal according to the contract.

simple awesome

Pls Zoom in your screen. Please explain the yml configuration parameters added Boot 2.4.1 doest have Spring Cloud Security enabled

thanks sir

HI Basant, I really appreciate your effort, i learnt a lot regarding OAuth2, and mostly asked question in the interview. I tried your example, but it is giving me below exception, tried finding out from StackOverFlow, but no luck, Will you please give any hint or help? java.lang.IllegalStateException: Access token provider returned a null access token, which is illegal according to the contract.

Can u please do vedio on Jaeger tracing

How do we know if we are using 2 legged or 3 legged ?

How the access token is getting generated by Authorization server and How Resource server is validating whether it is a correct access_token or not!

How to do logout? Please explain.

Where we can see the user information after token got validated

Able to login but unable to logout

its Oauth 1 concept not Oauth 2

please remove ur clent id and secret from github repo