OAuth2 Protocol with Grails Spring Security
OAUTH 2.0
What is OAuth
OAuth 2 is an authorization framework that enables applications to obtain limited access to user accounts on an HTTP service, such as Facebook, GitHub, and DigitalOcean. It works by delegating user authentication to the service that hosts the user account, and authorizing third-party applications to access the user account.
How it works
Let's start building an app with OAuth
Add the plugin in BuildConfig.groovy
compile ":spring-security-oauth2-provider:2.0-RC5"
Domain Classes
Run this script
grails s2-init-oauth2-provider <package> <client> <authorization-code> <access-token> <refresh-token>
Config.groovy
grails.plugin.springsecurity.controllerAnnotations.staticRules = [
[pattern: '/oauth/authorize', access: "isFullyAuthenticated() and (request.getMethod().equals('GET') or request.getMethod().equals('POST'))"],
[pattern: '/oauth/token', access: "isFullyAuthenticated() and request.getMethod().equals('POST')"],
]
grails.plugin.springsecurity.filterChain.chainMap = [
[pattern: '/oauth/token', filters: 'JOINED_FILTERS,-oauth2ProviderFilter,-securityContextPersistenceFilter,-logoutFilter,-authenticationProcessingFilter,-rememberMeAuthenticationFilter,-exceptionTranslationFilter'],
[pattern: '/securedOAuth2Resources/**', filters: 'JOINED_FILTERS,-securityContextPersistenceFilter,-logoutFilter,-authenticationProcessingFilter,-rememberMeAuthenticationFilter,-oauth2BasicAuthenticationFilter,-exceptionTranslationFilter'],
[pattern: '/**', filters: 'JOINED_FILTERS,-statelessSecurityContextPersistenceFilter,-oauth2ProviderFilter,-clientCredentialsTokenEndpointFilter,-oauth2BasicAuthenticationFilter,-oauth2ExceptionTranslationFilter']
]
Add User
Role roleUser = new Role(authority: 'ROLE_USER').save(flush: true)
User user = new User(
    username: 'user1',
    password: 'user1',
    enabled: true,
    accountExpired: false,
    accountLocked: false,
    passwordExpired: false
).save(flush: true)
UserRole.create(user, roleUser, true)
Add Client
new RestClient(
    clientId: 'AskMeBazaar',
    authorizedGrantTypes: ['authorization_code', 'refresh_token', 'implicit', 'password', 'client_credentials'],
    authorities: ['ROLE_CLIENT'],
    scopes: ['read', 'write'],
    redirectUris: ['path of your application where you want to render the auth code']
).save(flush: true)
Authorization Code Grant
http://localhost:8080/oauth2-test/oauth/authorize?response_type=code&client_id=my-client&scope=read
Redirect
http://myredirect.com/?code=139R59
Using HTTP Basic for client authentication
curl -X POST \
-d "client_id=my-client" \
-d "grant_type=authorization_code" \
-d "code=139R59" http://localhost:8080/oauth2-test/oauth/token
Receive the access token in the response
{
  "access_token": "a1ce2915-8d79-4961-8abb-2c6f0fdb4aba",
  "token_type": "bearer",
  "refresh_token": "6540222d-0fb9-4b01-8d45-7be2bdfb68f9",
  "expires_in": 43199,
  "scope": "read"
}
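The authorization code flow above, seen from the client application, as an added example that is not part of the original slides or of the plugin. It adds the state parameter from RFC 6749, which the slide URLs omit, and checks it on the redirect before the code is exchanged. The function names are illustrative and the provider is assumed to echo state back unchanged.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Endpoints and client id as they appear in the slides.
AUTHORIZE_URL = "http://localhost:8080/oauth2-test/oauth/authorize"
TOKEN_URL = "http://localhost:8080/oauth2-test/oauth/token"
CLIENT_ID = "my-client"


class CallbackError(Exception):
    """Raised when the redirect back from the provider must not be trusted."""


def build_authorize_url(scope="read", redirect_uri=None):
    """Return (url, state); the caller keeps state in the user's session."""
    state = secrets.token_urlsafe(32)  # unguessable, bound to this browser session
    params = {"response_type": "code", "client_id": CLIENT_ID,
              "scope": scope, "state": state}
    if redirect_uri:
        params["redirect_uri"] = redirect_uri
    return AUTHORIZE_URL + "?" + urlencode(params), state


def parse_callback(callback_url, expected_state):
    """Validate the redirect and return the authorization code."""
    query = parse_qs(urlsplit(callback_url).query, keep_blank_values=True)
    # Reject duplicated parameters instead of silently picking one of them.
    if any(len(values) != 1 for values in query.values()):
        raise CallbackError("duplicated parameter")
    params = {name: values[0] for name, values in query.items()}
    state = params.get("state", "")
    # Constant-time comparison; a missing or wrong state means the redirect
    # was not produced by the request this session started.
    if not expected_state or not hmac.compare_digest(
            state.encode(), expected_state.encode()):
        raise CallbackError("state mismatch")
    if "error" in params:
        raise CallbackError("authorization failed: " + params["error"])
    if not params.get("code"):
        raise CallbackError("no authorization code in redirect")
    return params["code"]


def token_request(code):
    """URL and form body for the POST, with the same fields as the curl call."""
    form = {"client_id": CLIENT_ID, "grant_type": "authorization_code", "code": code}
    return TOKEN_URL, urlencode(form)
```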