Enterprise OAuth 2.0

Enterprise OAuth 2.0 - Using Okta (1)

Okta Authorization Server


Okta setup and Endpoints

https://developer.okta.com/signup/


Custom Resource Server using Spring Boot

https://developer.okta.com/docs/reference/api/authorization-servers/#authorization-server-object

https://dev-15955701-admin.okta.com/admin/oauth2/as


# Okta OAuth security setting. Okta issues access tokens as JWTs, so the resource server
# only needs the authorization server's JWK Set to verify them locally (no introspection call).
# The issuer URL is the one shown for the authorization server in the Okta console; its key set
# is served at <issuer>/v1/keys. Note that jwk-set-uri alone verifies the signature and expiry but
# not the iss claim; setting spring.security.oauth2.resourceserver.jwt.issuer-uri as well makes
# Spring validate the issuer and discover the key set from it.
spring.security.oauth2.resourceserver.jwt.jwk-set-uri: <PLACE OKTA ISSUER URL HERE FROM OKTA CONSOLE>/v1/keys

Deep Dive: Resource Owner Password Grant Type


Create application client in Okta.



Test it on Postman.

============================================================

STEP 1: Construct a Token Request for username and password

============================================================

ENDPOINT => <OKTA ISSUER URL>/v1/token (the token endpoint of the authorization server above)

HTTP TYPE => POST, body sent as application/x-www-form-urlencoded

grant_type= password

client_id= (client ID of the application created above)

client_secret= (NOT NEEDED for a public native client; a confidential client would send it with the request)

username = (an Okta user assigned to the application)

password = (that user's Okta password)

scope=openid profile email offline_access fakebook.api.read fakebookapi.admin

============================================================

STEP 2: Send Token Request and extract Token

============================================================

=> Request the scopes openid profile email offline_access: openid makes Okta return an ID token next to the access token, profile and email add the user's claims to it, offline_access adds a refresh token.

=> Okta returns the access token and the ID token as JWTs; the refresh token is an opaque string.

=> Paste each token into jwt.io to dissect the header (alg, kid) and the claims.

=> Difference between the ID TOKEN and ACCESS TOKEN: the ID token is for the client, its aud is the client_id and it describes the authenticated user (sub, email, name). The access token is for the resource server, its aud is the audience configured on the authorization server, it carries the granted scopes in the scp claim, and it is the only one that goes in the Authorization header. Never send the ID token to the API, and the API must reject it if a client does (wrong audience).

============================================================

STEP 3: Send a FakeBookAPI request (Get All Books) with the header Authorization: Bearer <access_token>. The resource server fetches the JWK Set, verifies the signature with the key named by kid, checks the claims, and only then enforces the scope the endpoint requires (one of the fakebook.api.read / fakebookapi.admin scopes requested in step 1).

============================================================
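The three Postman steps above, as an added example that is not code from the original post, from Okta or from Spring. It is standard-library Python only: a toy RS256 key plays the part of Okta's signing key, okta_token_response mints an access token and an ID token with the audiences Okta uses, jwks_from_key is what <issuer>/v1/keys serves, decode_and_verify does what the Spring resource server does with jwk-set-uri (pick the key by kid, verify RS256, check iss, aud and exp), and has_scope is the per-endpoint check. The issuer URL, client_id, audience, user id and key size are assumptions chosen for the illustration; the key is far smaller than a real Okta key and must not be reused anywhere.

```python
import base64, hashlib, hmac, json, random, time
# Assumed values for this illustration (not taken from the original post).
ISSUER = "https://dev-15955701.okta.com/oauth2/default"  # custom authorization server
CLIENT_ID = "0oaexampleclientid"                          # public (native) client, no secret
AUDIENCE = "api://fakebook"                                # audience configured on that server

def b64url(raw): return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
def b64url_decode(s): return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

# A toy RS256 signer standing in for Okta's signing key (demo-size key, not for real use).
def _is_probable_prime(n, rounds=20):                      # Miller-Rabin
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _random_prime(bits):
    while True:
        cand = random.getrandbits(bits) | (1 << (bits - 1)) | 1   # odd, full bit length
        if _is_probable_prime(cand):
            return cand

def generate_rsa_key(bits=512):
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:                             # e is prime, so gcd(e, phi) == 1
            return {"n": p * q, "e": e, "d": pow(e, -1, phi)}

SHA256_DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")
def _emsa_pkcs1_v15(msg, k):                               # RFC 8017 EMSA-PKCS1-v1_5 for SHA-256
    t = SHA256_DIGESTINFO + hashlib.sha256(msg).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def jwks_from_key(key, kid):                               # what <issuer>/v1/keys serves: public half only
    nlen = (key["n"].bit_length() + 7) // 8
    return {"keys": [{"kty": "RSA", "alg": "RS256", "use": "sig", "kid": kid,
                      "n": b64url(key["n"].to_bytes(nlen, "big")),
                      "e": b64url(key["e"].to_bytes(3, "big"))}]}

def mint_jwt(key, kid, claims):
    enc = lambda obj: b64url(json.dumps(obj, separators=(",", ":")).encode())
    signing_input = enc({"alg": "RS256", "kid": kid, "typ": "JWT"}) + "." + enc(claims)
    k = (key["n"].bit_length() + 7) // 8
    m = int.from_bytes(_emsa_pkcs1_v15(signing_input.encode(), k), "big")
    return signing_input + "." + b64url(pow(m, key["d"], key["n"]).to_bytes(k, "big"))

# STEP 2: Okta's token response. ID token: aud = client_id. Access token: aud = AUDIENCE, scopes in scp.
def okta_token_response(key, kid, username, scopes):
    now = int(time.time())
    access = {"iss": ISSUER, "aud": AUDIENCE, "sub": username, "cid": CLIENT_ID,
              "scp": scopes, "iat": now, "exp": now + 3600}
    id_claims = {"iss": ISSUER, "aud": CLIENT_ID, "sub": "00uexampleuserid",
                 "email": username, "iat": now, "exp": now + 3600}
    resp = {"token_type": "Bearer", "expires_in": 3600, "scope": " ".join(scopes),
            "access_token": mint_jwt(key, kid, access), "id_token": mint_jwt(key, kid, id_claims)}
    if "offline_access" in scopes:                         # refresh token only with offline_access
        resp["refresh_token"] = "constructed-opaque-refresh-token"
    return resp

# What the resource server does with jwk-set-uri: key by kid, verify RS256, then iss, aud, exp.
def decode_and_verify(token, jwks, expected_iss=ISSUER, expected_aud=AUDIENCE, now=None):
    h, p, s = token.split(".")
    header, claims = json.loads(b64url_decode(h)), json.loads(b64url_decode(p))
    if header.get("alg") != "RS256":
        raise ValueError("unsupported alg")                # the token never picks 'none' or HS256
    jwk = next((j for j in jwks["keys"] if j.get("kid") == header.get("kid")), None)
    if jwk is None:
        raise ValueError("unknown kid")
    n, e = (int.from_bytes(b64url_decode(jwk[x]), "big") for x in ("n", "e"))
    k = (n.bit_length() + 7) // 8
    sig = int.from_bytes(b64url_decode(s), "big")
    if sig >= n or not hmac.compare_digest(pow(sig, e, n).to_bytes(k, "big"),
                                           _emsa_pkcs1_v15(f"{h}.{p}".encode(), k)):
        raise ValueError("bad signature")
    if claims.get("iss") != expected_iss:
        raise ValueError("wrong issuer")
    aud = claims.get("aud")
    if expected_aud not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("wrong audience")                 # this is what rejects an ID token at the API
    if (int(time.time()) if now is None else now) >= claims.get("exp", 0):
        raise ValueError("expired")
    return claims

# STEP 3: the per-endpoint scope check, like Spring's hasAuthority("SCOPE_fakebook.api.read").
def has_scope(claims, scope):
    return scope in claims.get("scp", [])
```

Run it as: key = generate_rsa_key(); jwks = jwks_from_key(key, "kid-1"); resp = okta_token_response(key, "kid-1", "alice@example.com", ["openid", "offline_access", "fakebook.api.read"]); then decode_and_verify(resp["access_token"], jwks) returns the claims, while decode_and_verify(resp["id_token"], jwks) raises "wrong audience", a payload with an added scope but the old signature raises "bad signature", and a token signed by a key the JWK Set does not know raises "unknown kid". The order of checks is deliberate: the signature is verified before any claim is read for a decision, and the audience check is what keeps an ID token from being used as an access token.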

Believe in the future: never evade what must be faced, never regret what deserves persistence, do not linger on what should be let go, and hold fast to what deserves cherishing.
Original article: https://www.cnblogs.com/keepmoving1113/p/14697386.html