oauth-demoapi-spring's Introduction

oauth-demoapi-spring

Spring OAuth demo API, acting as OAuth2 Resource Server.

OpenAPI definition

openapi: 3.0.1
info:
  title: Products API
  description: Products API (secured using OAuth)
  version: 1.0.0
servers:
- url: http://demoapi:8081/api/v1
tags:
- name: product
  description: Operations about products
paths:
  /products:
    get:
      tags:
      - product
      summary: Get products
      security:
        - bearerOAuth: [api.identicum.com/products:read]
      responses:
        401:
          $ref: '#/components/responses/UnauthorizedError'
        200:
          description: successful operation
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/Product'
components:
  responses:
    UnauthorizedError:
      description: Access token is missing or invalid
  schemas:
    Product:
      type: object
      properties:
        id:
          type: integer
          format: int64
        name:
          type: string
      xml:
        name: Product
  securitySchemes:
    bearerOAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT Access token

oauth-demoapi-spring's People

Contributors

Stargazers

Watchers

oauth-demoapi-spring's Issues

Add Java logic to do JWT ATs validation

Spring security parameters as environment variables

Add logic to allow passing parameters in application.yml as environment variables, to be able to execute as docker container with pre-built image.

Add example configuration to do JWT AT validation

To prevent calling the introspect_endpoint when the AT is a JWT.

docs

spring:
  security:
    oauth2:
      resourceserver:
        jwt:
          issuer-uri: https://idp.example.com
          jwk-set-uri: https://idp.example.com/.well-known/jwks.json

Recommend Projects