It would have been less confusing if the names used were non-generic. "client", "spring" as values create confusion - one doesn't know at first glance if it is a user defined value, or something that you have to use as is. "client" and "spring" also happen to occur in property keys - not just here but in the larger spring/java ecosystem which adds to the confusion. Had to watch it back and forth several times to make sense.
Very relevant, thank you!! Just finished my own TH-cam series building a web app using Google Sign-on JWTs as my authorization server with Spring Boot/Spring Security as my resource server. I'd like to extend the series to include a custom Spring Authorization server :)
Thank you very much. That's very useful. Seems it doesn't work well with all the projects upgraded to latest spring boot version. Just leaving the oauth client not upgraded will work though
Hi Josh, awesome video as always. Would it be possible to extend this example to multiple different identity providers in the authorization server and how would this be done, since the idp will generate the token but the client will validate against the Authorization Server?
Hi again, one question, if somebody can help me... I have a front end with a HTML login, is possible use this HTML login to validate into authorization server, instead of default login page of authoritzation server? I don't customize the login page, I want use login HTML of my frontend. regards
Please lose the "30 seconds later" animations. They are only annoying, adding nothing to the video.
9 หลายเดือนก่อน +6
please, is Josh Long, do you know how many people this man has helped? You don't know what you are saying, for me he can put that intro longer if he wants, it is nothing compared to all his contribution, and he is always contributing.
It would have been less confusing if the names used were non-generic. "client", "spring" as values create confusion - one doesn't know at first glance if it is a user defined value, or something that you have to use as is. "client" and "spring" also happen to occur in property keys - not just here but in the larger spring/java ecosystem which adds to the confusion. Had to watch it back and forth several times to make sense.
i agree!
good point
Very relevant, thank you!! Just finished my own TH-cam series building a web app using Google Sign-on JWTs as my authorization server with Spring Boot/Spring Security as my resource server. I'd like to extend the series to include a custom Spring Authorization server :)
Thank you very much. That's very useful. Seems it doesn't work well with all the projects upgraded to latest spring boot version. Just leaving the oauth client not upgraded will work though
followed this to the letter but for some reason I am getting a whitelabel "/error" is there something I am missing? its saying too many redirects 🤔
Hi Josh, awesome video as always. Would it be possible to extend this example to multiple different identity providers in the authorization server and how would this be done, since the idp will generate the token but the client will validate against the Authorization Server?
I would love some kind of tutorial on how to set up a client credentials grant / flow authorization server
thank you very useful
Josh, where can I buy this t-shirt? Great video!!
Great video Josh. My use case is internel app eg APIs -> gateway -> resource server. Can I use the oauth2 server in this scenario?
Great video thank you!
Hey Josh, you are the man as usual....although I do have 1 question, how does the user logout? Cheers
maybe by just calling the "/logout" in the app where you have your oauth2 client?
Doest Spring Authorization server support SAML protocol?
Would it be possible or you to implement PKCE
In the client application, It is giving me error "Unknown provider ID 'spring'"
where in code authorization code is exchanged with access token?
This is great
"on my second favorite place on the Internet", 😂😂😂 always
Hi again, one question, if somebody can help me... I have a front end with a HTML login, is possible use this HTML login to validate into authorization server, instead of default login page of authoritzation server? I don't customize the login page, I want use login HTML of my frontend. regards
I imagine you can do it with a redirect in the oauth2 configuration
consent page is not coming. in my case after login directly it is show response with {"message" : "Hello, one"}
The consent page is not showing because in the application.yml in the registration spring section, we didnt specify requires consent.
6:21 you mean spring.security.oauth2.authorizationserver.client.client1.requires-authorization-consent=true
I have already configured above property
hello, when i get localhost:8080/ authserver print out org.springframework.security.access.AccessDeniedException: Access Denied, why ?
Please share your code
much helpful thank you :) 77th like
if you speak "slower" , it could help non-english speakers to understand you better.
Please lose the "30 seconds later" animations. They are only annoying, adding nothing to the video.
please, is Josh Long, do you know how many people this man has helped?
You don't know what you are saying, for me he can put that intro longer if he wants, it is nothing compared to all his contribution, and he is always contributing.