Скачать с ютуб Spring Authorization and Resource Servers in Separate Applications в хорошем качестве

Spring Authorization and Resource Servers in Separate Applications

In this Spring Security tutorial, I'm excited to walk you through the steps of implementing Spring authorization server and Spring resource server in two separate applications. In other words, you will learn how to secure your existing REST APIs using Spring Security with: OAuth2 Client Credentials Grant Type which is widely used to secure REST APIs Spring Authorization Server that issues access tokens to clients Spring Resource Server that authorizes the clients by verifying JWTs In-memory Client Credentials are used instead of persistent ones in database Persistent RSA keypair which is the best practice Through this guide, I will show you developing two separate applications: The first one acts as an authorization server The second one acts as a resource server In addition, you will also learn: Customize access token generation process Decode the issued access tokens (JWT) Test REST API Security with Postman Key Technologies: Spring Boot 3.4.x Spring Framework 6.2.x Spring Security 6.4.x Spring Security OAuth2 Authorization Server 1.4.x Spring Security OAuth2 Resource Server 1.4.x Software programs: Java Development Kit (OpenJDK) Spring Tool Suite IDE (STS) Postman desktop app Timestamps: 00:12 What You Will Learn 03:34 Review Existing REST APIs 08:47 Security Requirement 09:36 Create Authorization Server Application 13:28 Enable Spring Authorization Server 15:02 Create in-memory Client Credentials 20:19 Test Get Access Token API 24:24 Decode Issued Access Token 26:05 Configure Persistent RSA Keypair 33:38 ConfigureJWT Encoder 37:29 Enable Resource Server 45:34 Expose JWK Set API 53:22 Configure JWT Decoder 55:50 Test API Security using Postman 59:05 Customize Access Token Generation 1:05:40 Secure Remaining REST APIs #springsecurity #restapis #oauth2 #springboot #java #springframework #AuthorizationServer