[008] How to Secure Micro services - oAuth2 Server part 01 - [Micro services in and out 008]

I've been trying to wrap my head around OAuth 2.0 from past 1 week. Tried many blogs and video tutorials but nothing was as clear and simple as this video. Thanks a lot!

අයියා මේක නියමයි. ඔයාට මාර teaching skill එකක් තියෙන්නේ , Thanks a lot!

Awesome explanation , could you please integrate this Auth server concept with Spring Cloud API Gateway it would be more helpful

Many Thanks Krish!! You are awesome!

realy very clean and smart video. Thank u so much

Explanation is very clear...I have more confusion but now i'm clear and i'm in correct track...Thank you so much....

I had lot of confusion before watching this video, but now totally cleared. thanks

you are a perfect teacher. Waiting for the next lecture. Thanks!

Really good explanation sir..

Nice session and thanks for spending your valuable time.

Very good video. Thanks! Keep them coming

Good one Krishantha.

really great, very granular description...subscribed

Explanation is clean and clear ...... 😊🤞.... Thanks for the tutorial...🙂

Thanks Krish for nice valuable presentation.

Great explanation, i had confusion in the error information now its clear. Thank you so much

Thanks Krishantha, its really helpful.

It was really helpful. thank yooooooou

So nice..
You are great Sir

Great informative content..👍👍

Thanks a ton for this presentation really very helpful

Great explanation

Amazing tutorial and easy to undestand! Thank you so much (y)

Thanks a lot sir, you are really explained in a better understanding way..

Great tutorial, Clean and clear!

LOVE IT!

great tutorial i love the way you explain

Thanks a lot...very good explanation

I Working on role based inventory management system using angular UI. At backend using microservices using Spring Boot 2.6.1. Can you please make a video for oauth2-client, oauth2-resource-server? I am very confused to create authorization server and then protect spring cloud api gateway to ensure the protection of all microservices with user login.

thanks man, learnt alot

Excellent presentation, but I am not able to move forward, facing Unauthorized error message even after sending basic auth params.Output looks like this {
"timestamp": "2019-08-12T06:18:58.932+0000",
"status": 401,
"error": "Unauthorized",
"message": "Unauthorized",
"path": "/oauth/token"
}

very nice sir! thanks ! pls keep posting more videoes on Kubernetes and docker concet=pts

You deserves a subscribe mate.

Hi Dinesh, currently "cloud oauth" dependency is not available in spring initializer app. Also the @EnableAutherizationServer has not been supported by spring boot.
Is there any other ways to make authorization server with latest updates. If possible could you please make a video?

9:37 you mentioned that the client talks to resource owner first. But 11:16 you are mentioning that the client talks to authorization server first. Why?

Great Video

Great Tuto

Great!

Great

Great video! Could you please show/explain what exact request sent from your HttpClient (curl format). Also I'm lost when to send "mobile/pin" and when "krish/krish123"

How does one create new CLIENTs and USERs in production. Here we have used SQL scripts to create users/clients. Thanks for your videos. It helps learners like me.

Thank you very much

I have few question:s
1. why AuthenticationManager is not required to be injected to endpoint at the time of reading the client-credentials from yml file(same for passwordEncoder).
2. why AuthenticationManager is autowired only inside AuthServerConfigurations(not in UserConfiguration)
Thanks in Advance...

Hi Krish , How will i do refresh token and how can i send permission with jwt token ,Plz

Superb explanation and the drilling down the when the issues appear. Haven't seen this kind of tutorial regarding OAuth2 Spring security, Cheers #Krish

its nice, instead showing yourself better focus on presentation, so that no distraction.

roles in not coming once you doing in in-memory java code configuration

What REST client app are you using for testing?

I'm getting 401 unauthorized in spring boot 2.2.5 for this configuration, can't find why...

Please help
what if in my application let's say I am implementing the oauth using google for SIGNUPand when the user gets signup using the google auth and then the google auth will only give me the email id of the user then how I am going to implement the Authorization in my application like role based giving access to different users.

I want call third party api using java code,which has implemented oAuth2.0 to secure the APIs.
1st I got the access_token from that Service.
Secondly, I want to send a POST request to one api, by sending stringXML and access_token. So, which method of RestTemple should I use??? If there is any best approach please let me know. Sir, please respond asap.

which app do u use for api testing, that looks really cool

I am not sure, how will you implement this using Zuul as the edge node

Can you make tutorial about oauth2 using mongodb ? I have many problem when i change to mongoDB .. Thank you so much !

Hi Krish,
what's the http client you use ? Thank you, Esteban

Why did you change application.properties to application.yml?

which tool are using to build the oauth

super

how to add resource server along with this?

Hello Krishantha, Are you going to release the videos on Resource server also..??
Could you also create a video for oauth 2.0 using grant type as client_credentials with separate applications for Authorization server and resource server. Thanks in advance..!!

Hi Krish, I followed your oauth 2 example and could get declarative way code running,but programmatic way is not working,gettinh unauthorized for /oauth/token,followed your video and example step by step,can u pls suggest

What is the difference between oauth and ssl

Thanks so much 💪

I can not find you on Instagram

May I know what are the client-id and client-secret stand for?

Hi Sir ,
I am not able to understand why client-id and secret along with user name and password has to be put in-order to get authorization code ?? If my understanding is correct , user is not related to any client apps which gets registered with authorization server .
Please help

refreshtoken not getting

Sir Please post one video on jwt token store

Hi, Nice session. Could you please commit the final oauth2 project in github.
If possible, can you give the session on below integration(SSO) :
apps will be : 1 Central Authentication and authorization server with its own custom login page.
2. There will be micro-service which have a rest api
3. Web MVC application with spring security, when application is run, user is redirected to login page of Authentication and authorization server and upon successful login user is redirected and lands to home page from where he further try to get respose from above rest api based on client secret and id

Thanks

I have implemented as instructed in the video. But I am encountering an exception for POST /oauth/token HTTP/1.1
Host: localhost:8090
Content-Type: application/x-www-form-urlencoded
Authorization: Basic bW9iaWxlOnBpbg==
User-Agent: PostmanRuntime/7.19.0
grant_type=password&username=cs405017&password=*****&role=ADMIN.
Exception :
[nio-8090-exec-2] o.s.s.o.provider.endpoint.TokenEndpoint : Handling error: NestedServletException, Handler dispatch failed; nested exception is java.lang.StackOverflowError.
On reading different similar issues on the internet --- all of them points out at authenticationManager instantiation override. But I have correctly overriden it.
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception{
return super.authenticationManagerBean();
}
pom.xml

org.springframework.boot
spring-boot-starter-web


org.springframework.cloud
spring-cloud-starter-oauth2



org.springframework.cloud
spring-cloud-starter-security
2.1.4.RELEASE
Please assist.

Thanks a lot for the efforts
But this ended up to be an another oauth tutorial with no insights!! How to do oauth in spring is available easily but explanation on how to do with insights!!! Stil missing

Please check and answer. I am Stuck.

The explanation given in the beginning is not clearly explained with code. Losing interest as the coding progress since there is no connecting explanation between the code and concept. Please improve

I am not able to make it work with context path. Use to work fine with spring 1.5 but getting problem with spring 2. Any ideas why

Thank you very much