Skip to content

Microservice base Oauth2 authorization Server. this program is designed using Java and Spring Boot, which can be used to register and authenticate users and resource applications in an advanced way. This service can be used as register server

License

Notifications You must be signed in to change notification settings

alirezaalj/Oauth2-Authorization-Project

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Spring Security Authorization Service

Description

Oauth2 authorization Server. this program is designed using Java and Spring Boot, which can be used to register and authenticate users and resource applications in an advanced way. This service can be used as register server


Details:

  • Oauth service
  • Authentication and Authorization froms
  • Use fail attempts to block access
  • Use java email client to send emails
  • Different accesses for users
  • Creating a professional and encrypted link to verify user actions (email verification)
  • Create an html email template and send asymmetric emails
  • Use Google recaptcha
  • Jwt for api authentication
  • ŮŤSecuring webservice
  • Dockerized application with docker-compose
Goals
  • Authentication & Authorization server
  • Account validation
  • User management
  • Distributed service

How to use

Using maven and docker

Project dependencies

Config Project

  1. Download or clone project
git clone https://github.com/alirezaalj/Spring-Security-Authorization-Service.git
or 
wget https://github.com/alirezaalj/Spring-Security-Authorization-Service/archive/refs/heads/master.zip
  1. go to project folder open command line in there
cd Spring-Security-Authorization-Service
cp config-repository-copy/* config-repository/
cd config-repository 
git init
git add .
git commit -m "Initial commit" 
cd ..

email

my-spring:
  mail:
    host: <your smtp host> # your smtp host
    port: 587 # your smtp host port
    username: <your_emai_account> # your smtp account username
    password: <your_email_accunt_password>  #your smtp account password
    properties:
      mail:
        smtp:
          auth: true
          connectiontimeout: 5000
          timeout: 5000
          writetimeout: 5000
          starttls:
            enable: true # if your host has TLS is enabled else set false
  1. After Any change in conf/config-repository you must run git commit -m "Config commit"

  2. Change config-dev.env file configs:

  3. In application folder cd Spring-Security-Authorization-Service build jar file and docker image

mvn clean install -DskipTests
  1. Run Application docker compose
cd docker-compose

docker-compose --env-file config-dev.env up
application is ready on http://localhost:9000/

Use postman for Oauth client authorization: pkce, authorization_code

postman public workspace

https://www.postman.com/warped-station-341723/workspace/spring-auth-server/overview

application by default add 3 Oauth clients

  1. Stop Application : docker compose
cd docker-compose

docker-compose --env-file config-dev.env dwon

home

login


Run in development mode

Project dependencies:

Maven and Java

email

my-spring:
  mail:
    host: smtp.gmail.com # your smtp host
    port: 587 # your smtp host port
    username: <your_emai_account> # your smtp account username
    password: <your_email_accunt_password>  #your smtp account password
    properties:
      mail:
        smtp:
          auth: true
          connectiontimeout: 5000
          timeout: 5000
          writetimeout: 5000
          starttls:
            enable: true # if your host has TLS is enabled else set false

Database

  • postgres : Run postgres on port 5432 with username: postgres And password: postgres
  • i suggest using docker
  • dockerhub : https://hub.docker.com/_/postgres
  • using this commands for *pull *and use postgres whit docker
  • run and pull PostgreSQL whit docker and config password to postgres on port 5432
docker run --name postgresql-container -p 5432:5432 -e POSTGRES_PASSWORD=postgres -d postgres
  • create new database whit name : oauth_server_db
docker exec -it postgresql-container psql -U postgres -c "CREATE DATABASE oauth_server_db;"
  • you can use pgadmin4 connecting to postgrsql
  • if you are running postgrsql in your machine you can change conf/config-repository/oauth-postgres.yml file :
postgres:
  host: localhost
  db: oauth_server_db # database name
  user: postgres # username
  pass: postgres # password
  port: 5432 # port

Redis server

  • redis server is used for saving login failures, but you can run project without using redis by changing conf/config-repository/oauth-app.yml
...
    login:
      theme: default
      validator:
        validate-url: ${application.info.host}/verification/{path}/{token}
      fall:
        service: memory # login failures will be saved on memory
        max-attempt: 10
        expire-after:
          duration: 1
          unit: DAYS
...
running redis: if you want to save failures on redis
...
    login:
      theme: default
      validator:
        validate-url: ${application.info.host}/verification/{path}/{token}
      fall:
        service: redis # login failures will be saved on redis
...
  • Redis : Run redis on port 6379 with no username And password
  • i suggest using docker
  • dockerhub : https://hub.docker.com/_/redis
  • using this commands for *pull *and use redis whit docker
  • run and pull Redis whit docker and config on port 6379
docker run --name my-redis -p 6379:6379 -d redis

Running Project

  1. go to project folder
  2. cd "Oauth Authorzation Project" and Open this directory with your IDEA
  3. open config-server module
  4. copy all files inside conf/config-repository-copy/ to conf/config-repository/
  5. open command line in config-repository and run this commands: git init git add . git commit -m "Initial commit config repo"
  6. after any change on files in conf/config-repository/ you must commit them, then config server can pull them and make it available for other services
  7. Start by spring-boot-maven-plugin with your IDEA
# or run with command line
cd config-server
# and
mvn spring-boot:run
  1. project start on port 8888, and you can see the console - logging
  2. and configs are available on urls: (you can check them) username: spring_config_user password: spring_config_user
  1. If you are seen error like : error: invalid remote: origin it's because of bad configuration try change configuration file in config-server/src/main/resources/application.yml and change uri to absolute path of conf/config-repository
    config:
      server:
        git:
          uri: /home/user/Oauth2-Authorization-Project/conf/config-repository  # path to 'conf/config-repository' directory you can replace it with absolute path 
          default-label: master

After running Config Server we can run authorization-server

dependency:

  1. postgrsql is running
  2. redis is running -if using redis in fall config
  3. config-server is running
  4. email is configured

Start by spring-boot-maven-plugin with your IDEA

# or run with command line
cd authorization-serve
# and
mvn spring-boot:run
application is ready on http://localhost:9000/
The recaptcha is disabled if you have your domain recaptcha key and secret config them and make enable: true and commit changes inside config-repository

conf/config-repository/oauth-app.yml

google:
  recaptcha:
    enable: false
    key:
      site: <your google key-site> # your google key-site for domain like: localhost
      secret: <your google key-secret> # your google key-secret for domain like: localhost
The User configurations and OAuth2 Clients config
  • all configs are static in class
  • authorization-server/src/main/java/ir/alirezaalijani/security/authorization/service/initializers/DataSourceInitializer.java
  • You can read more about Oauth2

images:

Login page:

https://raw.githubusercontent.com/alirezaalj/Spring-Security-Authorization-Service/master/imgs/login.png


Registering Page:

https://raw.githubusercontent.com/alirezaalj/Spring-Security-Authorization-Service/master/imgs/registering.png


Forget Password:

https://raw.githubusercontent.com/alirezaalj/Spring-Security-Authorization-Service/master/imgs/forget-password.png


Contact page:

https://raw.githubusercontent.com/alirezaalj/Spring-Security-Authorization-Service/master/imgs/contact.png


Email Verification Template:

https://raw.githubusercontent.com/alirezaalj/Spring-Security-Authorization-Service/master/imgs/email-verify.png

About

Microservice base Oauth2 authorization Server. this program is designed using Java and Spring Boot, which can be used to register and authenticate users and resource applications in an advanced way. This service can be used as register server

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published