Thanks a lot for this since there are very few tutorials on the new Spring Authorization Server! Small suggestion: could you please sort the videos in this playlist by upload date?
Great content Laurentiu, keep up the good works. I was trying out implementing an authorization server in a demo project, a project in which I intended to use reactive spring all through. I registered a user detail service but this time, using the ReactiveUserDetailService, which on like the usual UserDetailService returns a Mono from the loadUserByUsername(String s) method. Sadly the application refused to start on account that it could not find a bean of type UserDetailsService in context. Could anything be done about this or is there something I may be missing out on during the implementation?
Hi Eteka. Honestly, I don't think the Spring Security OAuth project has ever been created to support reactive development. I saw that at least. Maybe it'll work with the new authorization server when it will be fully released.
Hello Laur! Nowadays there is 1.1.0 already so things may be different back then, but what I've missed is how does the authorization server knows that code_verifier and code_challenge are required to be present as URL params? You didn't do any special configuration for this in your example.
I am Having 3 Application for this I am building 1 authorization server for better communication and security. and also i want to do SSO on this 3 application where my authorization server will act as a Identity provider. my question is how can i inter-communicate with this 3 application means. 1. for A Service I authenticate the user and get access token then i want to communicate with B -service then how can i do this with access token ? 2. and one more scenario if someone logins into my B-service then i want to give access for other 2 services(A and C) ? 3. Implementing SSO with Authorization server is it possible ?
Hi Laurentiu, version 0.1.0 was released on 11 Feb. Seems that the new version broke your example. Now after submitting the GET request with the challenge code, instead of redirecting to the default login page (localhost:8080/login), there is now a 404 error. Any suggestions how I can fix this? Thanks
Hi. Yes, my example is specifically for 0.0.2. We cannot assume any new version won't break the existing one because the authorization server is still experimental and doesn't guarantee backwards-compatibility yet. I will create soon a video for 0.1.0 and you will find it in the playlist dedicated for the experimental authorization server :) Cheers!
