Skip to content

This program is designed using Java and Spring Boot, which can be used to register and authenticate users in an advanced way. This service can be used as an authentication server

Notifications You must be signed in to change notification settings

alirezaalj/Spring-Security-Authorization-Service

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

44 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Spring Security Authorization Service

Description

Oauth2 authorization Server. this program is designed using Java and Spring Boot, which can be used to register and authenticate users and resource applications in an advanced way. This service can be used as register server


Details:

  • Oauth service
  • Authentication and Authorization froms
  • Use fail attempts to block access
  • Use java email client to send emails
  • Different accesses for users
  • Creating a professional and encrypted link to verify user actions (email verification)
  • Create an html email template and send asymmetric emails
  • Use Google recaptcha
  • Jwt for api authentication
  • ٍSecuring webservice
  • Dockerized application with docker-compose
Goals
  • Authentication & Authorization server
  • Account validation
  • User management
  • Distributed service

How to use

Using maven and docker

Project dependencies

Config

  1. Download or clone project
git clone https://github.com/alirezaalj/Spring-Security-Authorization-Service.git
or 
wget https://github.com/alirezaalj/Spring-Security-Authorization-Service/archive/refs/heads/master.zip
  1. go to project folder open command line in there
cd Spring-Security-Authorization-Service
  1. Change auth-app-env file configs change email configs in here is use gmail
SPRING_MAIL_HOST=smtp.gmail.com
SPRING_MAIL_HOST_PORT=587
SPRING_MAIL_USERNAME=<your_gmail_account>
SPRING_MAIL_PASSWORD=<account_password>
change other configs if you need

the recaptcha keys in config file are for the localhost if you are running on localhost there is no need to change them. or config recaptcha enable to false

## application name
APPLICATION_INFO_NAME=Alireza Alijani Auth Service
## application domian
APPLICATION_INFO_HOST=security.alirezaalijani.ir
## contact email
APPLICATION_INFO_CONTACT_EMAIL=contact@alirezaalijani.ir
## encrypting keys
APPLICATION_SECURITY_ENCRYPTION_TOKEN_SECRET_KEY=tokenKey
APPLICATION_SECURITY_ENCRYPTION_TOKEN_SALT=5c0744940b5c369b
## token validation url - only domain can be changed
APPLICATION_SECURITY_LOGIN_VALIDATOR_VALIDATE_URL=http://localhost:9000/verification/{path}/{token}
## some client application redirect after login with token 
APPLICATION_SECURITY_LOGIN_SUCCESS_REDIRECT_URL=http://localhost:4200/validate/{token}
## google recaptch configs
GOOGLE_RECAPTCHA_ENABLE=true
GOOGLE_RECAPTCHA_KEY_SITE=<your domain recaptcha site>
GOOGLE_RECAPTCHA_KEY_SECRET=<your domain recaptcha key>
  1. In application folder build jar file and docker image
mvn clean install -DskipTests
  1. Run docker compose
cd docker-compose
# without ssl
docker-compose --env-file auth-app-env up

# with ssl
docker-compose --env-file auth-app-env-ssl up
application is ready on http://localhost:9000/

Use postman for Oauth client authorization: pkce, authorization_code

postman public workspace

https://www.postman.com/warped-station-341723/workspace/spring-auth-server/overview

application by default add 3 Oauth clients

home

login


Run in devmode

Project dependencies
docker run --name postgresql-container -p 5432:5432 -e POSTGRES_PASSWORD=postgres -d postgres

add your email info to application-mail.yml file and host info

spring:
  mail:
    host: <emai_host> #if useing gmail smtp.gmail.com
    port: 587
    username: <your_emai_account>
    password: <your_email_accunt_password>

Run

  1. go to project folder
  2. start by spring-boot-maven-plugin
mvn spring-boot:run
  1. project start on port 9000, and you can see the console - logging
  2. command to create jar file
 mvn clean install
application is ready on http://localhost:9000/

images:

Login page:

https://raw.githubusercontent.com/alirezaalj/Spring-Security-Authorization-Service/master/imgs/login.png


Registering Page:

https://raw.githubusercontent.com/alirezaalj/Spring-Security-Authorization-Service/master/imgs/registering.png


Forget Password:

https://raw.githubusercontent.com/alirezaalj/Spring-Security-Authorization-Service/master/imgs/forget-password.png


Contact page:

https://raw.githubusercontent.com/alirezaalj/Spring-Security-Authorization-Service/master/imgs/contact.png


Email Verifivation Template:

https://raw.githubusercontent.com/alirezaalj/Spring-Security-Authorization-Service/master/imgs/email-verify.png

About

This program is designed using Java and Spring Boot, which can be used to register and authenticate users in an advanced way. This service can be used as an authentication server

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published