Migrating from Spring Boot Oauth2 to Spring Security 5

0
votes

Today I'm using Spring Boot OAuth2 to grant correct use of OAuth2 in my project, so I have the following:

  1. I have API A calling API B
  2. API A generate JWT Token and calls API B.
  3. API B validate the JWT Token using two ways: Online (Introspection) and Offline (with RSA keys).

So, migrating to Spring Security 5 I got the following problems:

  1. I didn't found any samples (https://github.com/spring-projects/spring-security/tree/master/samples/boot) using Spring Cloud OpenFeign. All my project use it (Feing) and change to Spring WebClient can be very problematic.
  2. Documentation just talk about WebClient (https://docs.spring.io/spring-security/site/docs/current/reference/html5/#oauth2client), nothing about RestTemplate or Feign.
1
springspring-bootspring-securityspring-security-oauth2
See here: piotrminkowski.com/2017/12/01/… Section #7 shows how to add an Oauth interceptor to feign.SledgeHammer

1 Answers

0
votes

Joe Grandja wrote an OAuth2 application and the corresponding migrated Spring Security application.

You can check the examples here:

Spring Security OAuth 2.4 Migration Sample

Also, docs about configuring Spring Security are here:

OAuth 2.0 Resource Server