Revamp OAuth 2.0 Client reactive documentation
Related gh-8174
This commit is contained in:
parent
a487ef2d74
commit
47087ba9c5
|
@ -90,7 +90,7 @@
|
||||||
*** xref:reactive/authorization/method.adoc[EnableReactiveMethodSecurity]
|
*** xref:reactive/authorization/method.adoc[EnableReactiveMethodSecurity]
|
||||||
** xref:reactive/oauth2/index.adoc[OAuth2]
|
** xref:reactive/oauth2/index.adoc[OAuth2]
|
||||||
*** xref:reactive/oauth2/login.adoc[OAuth 2.0 Login]
|
*** xref:reactive/oauth2/login.adoc[OAuth 2.0 Login]
|
||||||
*** xref:reactive/oauth2/access-token.adoc[OAuth2 Client]
|
*** xref:reactive/oauth2/oauth2-client.adoc[OAuth2 Client]
|
||||||
*** xref:reactive/oauth2/resource-server.adoc[OAuth 2.0 Resource Server]
|
*** xref:reactive/oauth2/resource-server.adoc[OAuth 2.0 Resource Server]
|
||||||
*** xref:reactive/registered-oauth2-authorized-client.adoc[@RegisteredOAuth2AuthorizedClient]
|
*** xref:reactive/registered-oauth2-authorized-client.adoc[@RegisteredOAuth2AuthorizedClient]
|
||||||
** xref:reactive/exploits/index.adoc[Protection Against Exploits]
|
** xref:reactive/exploits/index.adoc[Protection Against Exploits]
|
||||||
|
|
|
@ -1,52 +0,0 @@
|
||||||
[[webflux-oauth2-client]]
|
|
||||||
= OAuth2 Client
|
|
||||||
|
|
||||||
Spring Security's OAuth Support allows obtaining an access token without authenticating.
|
|
||||||
A basic configuration with Spring Boot can be seen below:
|
|
||||||
|
|
||||||
[source,yml]
|
|
||||||
----
|
|
||||||
spring:
|
|
||||||
security:
|
|
||||||
oauth2:
|
|
||||||
client:
|
|
||||||
registration:
|
|
||||||
github:
|
|
||||||
client-id: replace-with-client-id
|
|
||||||
client-secret: replace-with-client-secret
|
|
||||||
scope: read:user,public_repo
|
|
||||||
----
|
|
||||||
|
|
||||||
You will need to replace the `client-id` and `client-secret` with values registered with GitHub.
|
|
||||||
|
|
||||||
The next step is to instruct Spring Security that you wish to act as an OAuth2 Client so that you can obtain an access token.
|
|
||||||
|
|
||||||
.OAuth2 Client
|
|
||||||
====
|
|
||||||
.Java
|
|
||||||
[source,java,role="primary"]
|
|
||||||
----
|
|
||||||
@Bean
|
|
||||||
SecurityWebFilterChain configure(ServerHttpSecurity http) throws Exception {
|
|
||||||
http
|
|
||||||
// ...
|
|
||||||
.oauth2Client(withDefaults());
|
|
||||||
return http.build();
|
|
||||||
}
|
|
||||||
----
|
|
||||||
|
|
||||||
|
|
||||||
.Kotlin
|
|
||||||
[source,kotlin,role="secondary"]
|
|
||||||
----
|
|
||||||
@Bean
|
|
||||||
fun webFilterChain(http: ServerHttpSecurity): SecurityWebFilterChain {
|
|
||||||
return http {
|
|
||||||
// ...
|
|
||||||
oauth2Client { }
|
|
||||||
}
|
|
||||||
}
|
|
||||||
----
|
|
||||||
====
|
|
||||||
|
|
||||||
You can now leverage Spring Security's xref:reactive/integrations/webclient.adoc[webclient] or xref:reactive/registered-oauth2-authorized-client.adoc#webflux-roac[@RegisteredOAuth2AuthorizedClient] support to obtain and use the access token.
|
|
|
@ -4,5 +4,5 @@
|
||||||
Spring Security provides OAuth2 and WebFlux integration for reactive applications.
|
Spring Security provides OAuth2 and WebFlux integration for reactive applications.
|
||||||
|
|
||||||
* xref:reactive/oauth2/login.adoc[OAuth 2.0 Login] - Authenticating with OAuth 2.0
|
* xref:reactive/oauth2/login.adoc[OAuth 2.0 Login] - Authenticating with OAuth 2.0
|
||||||
* xref:reactive/oauth2/access-token.adoc[OAuth2 Client] - Making requests to an OAuth2 Resource Server as an OAuth2 Client
|
* xref:reactive/oauth2/oauth2-client.adoc[OAuth2 Client] - Making requests to an OAuth2 Resource Server as an OAuth2 Client
|
||||||
* xref:reactive/oauth2/resource-server.adoc[OAuth 2.0 Resource Server] - protecting a REST endpoint using OAuth 2.0
|
* xref:reactive/oauth2/resource-server.adoc[OAuth 2.0 Resource Server] - protecting a REST endpoint using OAuth 2.0
|
||||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -8,7 +8,7 @@ Spring Security allows resolving an access token using `@RegisteredOAuth2Authori
|
||||||
A working example can be found in {gh-samples-url}/reactive/webflux/java/oauth2/webclient[*OAuth 2.0 WebClient WebFlux sample*].
|
A working example can be found in {gh-samples-url}/reactive/webflux/java/oauth2/webclient[*OAuth 2.0 WebClient WebFlux sample*].
|
||||||
====
|
====
|
||||||
|
|
||||||
After configuring Spring Security for xref:reactive/oauth2/login.adoc#webflux-oauth2-login[OAuth2 Login] or as an xref:reactive/oauth2/access-token.adoc#webflux-oauth2-client[OAuth2 Client], an `OAuth2AuthorizedClient` can be resolved using the following:
|
After configuring Spring Security for xref:reactive/oauth2/login.adoc#webflux-oauth2-login[OAuth2 Login] or as an xref:reactive/oauth2/oauth2-client.adoc#webflux-oauth2-client[OAuth2 Client], an `OAuth2AuthorizedClient` can be resolved using the following:
|
||||||
|
|
||||||
====
|
====
|
||||||
.Java
|
.Java
|
||||||
|
|
|
@ -48,3 +48,4 @@ Below are the highlights of the release.
|
||||||
** Added https://github.com/spring-projects/spring-security/pull/10269[custom response parsing] for Access Token Requests
|
** Added https://github.com/spring-projects/spring-security/pull/10269[custom response parsing] for Access Token Requests
|
||||||
** Added https://github.com/spring-projects/spring-security/pull/10327[jwt-bearer Grant Type support] for Access Token Requests
|
** Added https://github.com/spring-projects/spring-security/pull/10327[jwt-bearer Grant Type support] for Access Token Requests
|
||||||
** Added https://github.com/spring-projects/spring-security/pull/10336[JWT Client Authentication support] for Access Token Requests
|
** Added https://github.com/spring-projects/spring-security/pull/10336[JWT Client Authentication support] for Access Token Requests
|
||||||
|
** Improved https://github.com/spring-projects/spring-security/pull/10373[Reactive OAuth 2.0 Client Documentation]
|
||||||
|
|
Loading…
Reference in New Issue