If you:
* Have been working with Java programming
* Already know about Spring and the Spring Security framework
* Already know about OAuth and OpenID Connect
* Want to build an Authorization Server using Spring Authorization Server
this book is for you.
This book covers Spring Authorization Server version 1.1.3.
Table of contents:
1. Introduction
1.1 OAuth 2.1
1.2 OpenID Connect
1.3 Spring Authorization Server
2. Getting started
3. Configure Authorization Server
3.1 Configuration for default endpoints
3.2 Configure JSON Web Key
3.3 Configure AuthorizationServerSettings
3.4 Configure Spring Security
3.5 Register client with Authorization Server
3.6 Register user with Authorization Server
3.7 OAuth Authorization Server Info
4. OAuth 2.1 grant types
4.1 Authorization Code grant type
4.1.1 Standard
4.1.2 With PKCE
4.2 Client Credentials grant type
4.3 Refresh Token grant type
4.4 Extension grant type
4.4.1 Device Code grant type
5. Access token
5.1 Change expiration time
5.2 Change format
5.3 Token introspection
5.4 Token revocation
5.5 Add more claims
6. JWT/JWS/JWK
6.1 Define JSON Web Key Set using PKCS12 keystore file
6.1.1 Generate PKCS12 keystore file
6.1.2 Use PKCS12 keystore file
6.2 Define JSON Web Key Set using key file generated using OpenSSL
6.2.1 Generate key files using OpenSSL
6.2.2 Use key files
7. OpenID Connect
7.1 ID Token
7.2 User Info
7.3 Client Registration
7.4 Client Read
7.5 Provider Configuration
7.6 Logout
8. JDBC
8.1 RegisteredClient
8.2 Authorization
8.3 Authorization Consent
9. Customization
9.1 Login
9.2 Consent Screen
9.2.1 Define request URI
9.2.2 Define consent screen template
9.2.3 Configure Authorization Server
Appendix
A. Client types in OAuth 2.1