GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Revamp OAuth 2.0 Client reactive documentation 

Related gh-8174
pull/10384/head
Steve Riesenberg 4 years ago committed by Steve Riesenberg
parent
a487ef2d74
commit
47087ba9c5
6 changed files with 2081 additions and 55 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      docs/modules/ROOT/nav.adoc
  2. 52
      docs/modules/ROOT/pages/reactive/oauth2/access-token.adoc
  3. 2
      docs/modules/ROOT/pages/reactive/oauth2/index.adoc
  4. 2077
      docs/modules/ROOT/pages/reactive/oauth2/oauth2-client.adoc
  5. 2
      docs/modules/ROOT/pages/reactive/registered-oauth2-authorized-client.adoc
  6. 1
      docs/modules/ROOT/pages/whats-new.adoc

2
docs/modules/ROOT/nav.adoc
Unescape View File

@ -90,7 +90,7 @@ @@ -90,7 +90,7 @@
*** xref:reactive/authorization/method.adoc[EnableReactiveMethodSecurity]
** xref:reactive/oauth2/index.adoc[OAuth2]
*** xref:reactive/oauth2/login.adoc[OAuth 2.0 Login]
*** xref:reactive/oauth2/access-token.adoc[OAuth2 Client]
*** xref:reactive/oauth2/oauth2-client.adoc[OAuth2 Client]
*** xref:reactive/oauth2/resource-server.adoc[OAuth 2.0 Resource Server]
*** xref:reactive/registered-oauth2-authorized-client.adoc[@RegisteredOAuth2AuthorizedClient]
** xref:reactive/exploits/index.adoc[Protection Against Exploits]

52
docs/modules/ROOT/pages/reactive/oauth2/access-token.adoc
Unescape View File

@ -1,52 +0,0 @@ @@ -1,52 +0,0 @@
[[webflux-oauth2-client]]
= OAuth2 Client
Spring Security's OAuth Support allows obtaining an access token without authenticating.
A basic configuration with Spring Boot can be seen below:
[source,yml]
----
spring:
security:
oauth2:
client:
registration:
github:
client-id: replace-with-client-id
client-secret: replace-with-client-secret
scope: read:user,public_repo
----
You will need to replace the `client-id` and `client-secret` with values registered with GitHub.
The next step is to instruct Spring Security that you wish to act as an OAuth2 Client so that you can obtain an access token.
.OAuth2 Client
====
.Java
[source,java,role="primary"]
----
@Bean
SecurityWebFilterChain configure(ServerHttpSecurity http) throws Exception {
http
// ...
.oauth2Client(withDefaults());
return http.build();
}
----
.Kotlin
[source,kotlin,role="secondary"]
----
@Bean
fun webFilterChain(http: ServerHttpSecurity): SecurityWebFilterChain {
return http {
// ...
oauth2Client { }
}
}
----
====
You can now leverage Spring Security's xref:reactive/integrations/webclient.adoc[webclient] or xref:reactive/registered-oauth2-authorized-client.adoc#webflux-roac[@RegisteredOAuth2AuthorizedClient] support to obtain and use the access token.

2
docs/modules/ROOT/pages/reactive/oauth2/index.adoc
Unescape View File

@ -4,5 +4,5 @@ @@ -4,5 +4,5 @@
Spring Security provides OAuth2 and WebFlux integration for reactive applications.
* xref:reactive/oauth2/login.adoc[OAuth 2.0 Login] - Authenticating with OAuth 2.0
* xref:reactive/oauth2/access-token.adoc[OAuth2 Client] - Making requests to an OAuth2 Resource Server as an OAuth2 Client
* xref:reactive/oauth2/oauth2-client.adoc[OAuth2 Client] - Making requests to an OAuth2 Resource Server as an OAuth2 Client
* xref:reactive/oauth2/resource-server.adoc[OAuth 2.0 Resource Server] - protecting a REST endpoint using OAuth 2.0

2077
docs/modules/ROOT/pages/reactive/oauth2/oauth2-client.adoc
View File

File diff suppressed because it is too large Load Diff

2
docs/modules/ROOT/pages/reactive/registered-oauth2-authorized-client.adoc
Unescape View File

@ -8,7 +8,7 @@ Spring Security allows resolving an access token using `@RegisteredOAuth2Authori @@ -8,7 +8,7 @@ Spring Security allows resolving an access token using `@RegisteredOAuth2Authori
A working example can be found in {gh-samples-url}/reactive/webflux/java/oauth2/webclient[*OAuth 2.0 WebClient WebFlux sample*].
====
After configuring Spring Security for xref:reactive/oauth2/login.adoc#webflux-oauth2-login[OAuth2 Login] or as an xref:reactive/oauth2/access-token.adoc#webflux-oauth2-client[OAuth2 Client], an `OAuth2AuthorizedClient` can be resolved using the following:
After configuring Spring Security for xref:reactive/oauth2/login.adoc#webflux-oauth2-login[OAuth2 Login] or as an xref:reactive/oauth2/oauth2-client.adoc#webflux-oauth2-client[OAuth2 Client], an `OAuth2AuthorizedClient` can be resolved using the following:
====
.Java

1
docs/modules/ROOT/pages/whats-new.adoc
Unescape View File

@ -48,3 +48,4 @@ Below are the highlights of the release. @@ -48,3 +48,4 @@ Below are the highlights of the release.
** Added https://github.com/spring-projects/spring-security/pull/10269[custom response parsing] for Access Token Requests
** Added https://github.com/spring-projects/spring-security/pull/10327[jwt-bearer Grant Type support] for Access Token Requests
** Added https://github.com/spring-projects/spring-security/pull/10336[JWT Client Authentication support] for Access Token Requests
** Improved https://github.com/spring-projects/spring-security/pull/10373[Reactive OAuth 2.0 Client Documentation]

Write Preview
Loading…
Cancel
Save