Posts

Showing posts from November, 2017

Spring OAuth2 : Multiple clients using jdbc

1. Scenario Suppose you have a rest api for developers who can use your online services on their app. And of course it's not an open api that everyone can access. Each of them needs a client id and a secret to access your resource. What would you do? Give them the same in memory client id and secret? Of course not. You wouldn't have any control over your api and your users(consumers who use your api's) then. You need to set up a mechanism to differentiate each of your consumers so that they can only access your api's if you want them to and control how much resources each of them can access. Let's apply this mechanism in our code. We'll use database to store client inforamtions and use them when we need.
(FYI: Before proceeding to this article: Implementing OAuth2 in Spring Boot with Spring security. ) 2. Create a model for Client This class represents each of your OAuth2 clients.
@Entity @Table(name = "oauth_client_details") public class OAuth2Client…