OAuth 2.0 in Spring Boot Applications

Name: OAuth 2.0 in Spring Boot Applications
Price: 12.75 USD
Availability: InStock

10h 54m 34s

English

Paid

October 14, 2024

OAuth 2.0 in Spring Boot Applications is a 175-lesson 10 hours 54 minutes self-paced course by Udemy. This course shows you how to add OAuth 2.

Course facts

Lessons: 175
Duration: 10 hours 54 minutes
Level: All levels
Language: English
Updated
Instructor: Udemy
Price: Premium

This course shows you how to add OAuth 2.0 security to Spring Boot apps. You start with the basics and build real flows step by step. You do not need past OAuth experience. You only need to know Java and have some Spring Boot practice.

What You Will Learn

You follow each task in small steps. You set up tools, run servers, and test real OAuth flows.

OAuth 2.0 Flows

Run the Authorization Code flow.
Use the PKCE version of the Authorization Code flow.
Use the Client Credentials flow.
Use the Resource Owner Password flow.

Keycloak Setup

Start and set up a Keycloak server.
Create realms, clients, and users.

Spring Security Integration

Configure an OAuth 2.0 Resource Server.
Run several Resource Servers on random ports.

Spring Cloud Services

Set up Spring Cloud API Gateway.
Use Eureka for registry and service discovery.

Building Client Apps

Build a Spring MVC app that calls a protected Resource Server behind the API Gateway.
Create a small JavaScript app that uses PKCE to get JWT access tokens.
Refresh expired JWT access tokens.

Access Control

Apply scope‑based access rules.
Apply role‑based access rules.

Social Login and Extensions

Use social login with Facebook, Google, and Okta.
Use Keycloak User Storage SPI for remote user authentication.

Who teaches OAuth 2.0 in Spring Boot Applications? Udemy

Udemy is the largest open marketplace for online courses on the internet. Founded in 2010 by Eren Bali, Oktay Caglar, and Gagan Biyani and headquartered in San Francisco, the company went public on the Nasdaq in 2021 under the ticker UDMY. The platform hosts well over two hundred thousand courses across software development, IT and cloud, data science, design, business, marketing, and creative skills, taught by tens of thousands of independent instructors. Roughly seventy million learners use it worldwide, and the corporate arm — Udemy Business — supplies a curated subset of that catalog to enterprise customers.

Because Udemy is a marketplace rather than a single editorial publisher, the catalog is uneven by design. The strongest material lives in the long-form, project-based courses authored by working engineers — full-stack JavaScript, React, Node.js, Python data science, AWS, Docker and Kubernetes, mobile development with Flutter and React Native, and cloud certification preparation. The CourseFlix listing under this source is the slice of that catalog that has been mirrored here for offline-friendly viewing, organized by topic and updated as new releases land. Pricing on Udemy itself swings dramatically with the site's near-permanent sales, which is why the platform is best treated as a deep reference catalog: pick instructors with strong reviews and a track record of updating their material rather than buying on the headline price alone.

What lessons are included in OAuth 2.0 in Spring Boot Applications?

0:00

#1: Introduction

All Course Lessons (175)

#	Lesson Title	Duration
1	Introduction Demo	04:25
2	Introduction to OAuth 2	07:20
3	OAuth 2.0 Roles	03:17
4	Current State of OAuth 2.0 in Spring Security 5	04:19
5	OAuth 2.0 Client Types	05:01
6	OAuth Access Token	07:46
7	OAuth2 and OpenID Connect (OIDC)	03:41
8	Introduction	04:27
9	Authorization Code. Introduction.	09:46
10	Authorization Code Demo. Initial Request.	07:37
11	Authorization Code Demo. Exchange code for Access token.	04:22
12	PKCE-enhanced Authorization Code	05:38
13	Generating PKCE Code Verifier	01:14
14	Generating PKCE Code Challenge	01:30
15	PKCE Demo. Requesting Authorization Code	07:21
16	PKCE Demo. Exchanging Code for Access Token	04:44
17	Client Credentials	01:42
18	Client Credentials Grant Type Demo	02:39
19	The Password Credentials Flow	02:14
20	The Password Credentials Flow: Demo	03:02
21	Introduction	05:05
22	Requesting Refresh Token that never expires	02:26
23	Refreshing Access Token. Demonstration.	03:14
24	Introduction	04:08
25	Starting up Standalone Authorization Server Keycloak	02:03
26	Starting and Stopping Keycloak Server	03:41
27	Creating an Initial Admin User	01:21
28	Creating a new Realm	03:04
29	Creating a new user	02:56
30	Creating a new OAuth client application	04:53
31	Configuring Client Application Secrets	01:06
32	Requesting Access Token and Refresh Token	03:56
33	Enable/Disable OAuth 2.0 Authorization Flow	02:16
34	OAuth 2.0 Client Scopes	04:56
35	Introduction	03:01
36	Creating a new project	04:05
37	Import project into Spring Tool Suite IDE	00:57
38	Starting Resource Server on different port number	01:36
39	Creating a Rest Controller Class	04:50
40	Access Token Validation URIs	02:58
41	Accessing endpoints with an Access Token	03:53
42	Accessing Principal and JWT Claims	04:17
43	Demo - Accessing JWT Claims	03:38
44	Introduction	09:15
45	Create WebSecurityConfigurerAdapter and enable Web Security	01:58
46	Override the default HttpSecurity configuration	02:46
47	Configure Scope-based access control	02:25
48	Demo - without using proper Scope	03:14
49	Demo - using proper Scope	01:06
50	Introduction	05:35
51	Creating User Role	01:15
52	Securing Endpoints to a Specific Role	02:22
53	Creating Role Converter class	02:09
54	Decoding JWT to find user roles	02:12
55	Converting Roles into GrantedAuthority objects	01:32
56	Register JwtAuthenticationConverter with HttpSecurity	01:08
57	Trying how it works	03:40
58	Introduction	04:56
59	Enable Method Level Security	02:20
60	@Secured annotation example	05:55
61	@PreAuthorized annotation	04:00
62	Reading UserId from JWT Access Token	05:39
63	Trying how the @PreAuthorized annotation works	03:01
64	Creating getUser() to be used with @PostAuthorize	03:32
65	@PostAuthorized annotation	03:09
66	Trying how to the @PostAuthorized annotation works	04:07
67	Introduction	06:02
68	Creating API Gateway Project	04:18
69	Import API Gateway to Spring Tool Suite	00:37
70	Configuring API Gateway Routes	06:27
71	Trying how it works	03:46
72	Albums & Photos Resource Servers	03:45
73	Routing to multiple Resource Servers	03:05
74	Trying how it works	04:10
75	Introduction	04:40
76	Creating Eureka Discovery Service Project	03:24
77	Configuring Eureka project	03:50
78	Eureka Client Dependency	04:14
79	@EnableDiscoveryClient and configuration properties	02:46
80	Trying how it works	00:51
81	Exercise	01:10
82	Solution overview	04:47
83	Load Balancing - Introduction	02:08
84	Starting Resource Servers on Random IP Address	04:13
85	Eureka and Resource Server Instance Id	07:01
86	Configuring API Gateway as Eureka Client	04:38
87	Configure API Gateway Routes	03:25
88	Return the running port number	02:18
89	Trying how it works	03:47
90	OAuth 2.0 in MVC Web App - Introduction	01:43
91	Creating a new Spring Boot Project	02:29
92	Creating Controller class	04:13
93	Returning list of albums	04:55
94	Displaying Albums in HTML Page	04:22
95	Adding OAuth2 Client Dependency	01:20
96	Configuring OAuth2 Client properties	05:31
97	Configuring OAuth2 Provider properties	02:40
98	Reading ID Token	06:26
99	Reading JWT Access Token	06:12
100	HTTP Request to an Internal Resource Server	07:40
101	Trying how it works	02:09
102	A different approach to adding access token	01:28
103	Adding WebClient Dependency	01:16
104	Creating a WebClient Bean	04:53
105	Using WebClient in a Controller class	02:41
106	Trying how it works	01:42
107	Introduction	01:55
108	Creating a new project	02:16
109	Protected Resource Controller class	04:04
110	Protected Resource HTML Page	03:05
111	Creating public page	03:10
112	Configure HTTP Security	03:05
113	OAuth 2 Client and Provider configurations	04:54
114	Facebook: Client Id and Client Secret	02:07
115	Trying how Facebook login works	01:31
116	Google Client Id and Client Secret	07:45
117	Trying how Google sign-in works	01:06
118	Register a new Okta app	03:51
119	Configure Okta properties	03:41
120	Trying how sign-in with Okta works	01:00
121	Configure logout functionality	03:44
122	Configure the Logout link	01:13
123	Trying how logout link works	02:45
124	OpenID Connect End Session Endpoint	03:52
125	Implementing OidcClientInitiatedLogoutSuccessHandler	02:56
126	Trying how Logout from Okta works	01:08
127	Introduction	02:09
128	Creating a new Public client in Keycloak	05:33
129	Creating a new Spring Boot client application	01:26
130	Creating Index.html	01:46
131	Import jQuery	01:09
132	Generating Random State value	04:12
133	Generating Code Verifier value	02:29
134	Generating Code Challenge value	03:27
135	Requesting PKCE-Enhanced Authorization Code	05:11
136	Creating Auth Code Reader HTML Page	01:00
137	Reading authorization code from the Redirect URI	03:43
138	Validating "state" request parameter	02:17
139	Exchange Code for Access Token	05:46
140	Finding Refresh Token and ID Token	02:11
141	Sending Request to Resource Server	05:23
142	Configure CORS Access on API Gateway	04:54
143	Configure CORS in Resource Server	10:05
144	Introduction	04:05
145	Creating a new project	03:10
146	Creating RemoteUserStorageProvider class	04:47
147	Creating RemoteUserStorageProviderFactory class	04:04
148	Adding Keycloak Core Dependency	01:26
149	Solution overview	03:28
150	Remote Users Webservice Overview	09:16
151	RESTEasy HTTP Client Dependency	01:44
152	Implementing Users Api Service	05:55
153	Creating User Class	03:06
154	Adding the verifyUserPassword to UsersApiService	03:57
155	Building RESTEasy HTTP Client	04:46
156	Implementing getUserByUsername() method	05:39
157	Verifying User Password	03:48
158	Packaging UserStorageProvider	04:17
159	Deploying User Storage SPI	08:46
160	Trying how it works	04:42
161	Introduction	03:33
162	Creating a new project	04:02
163	Register an OAuth Client	08:45
164	Configure Authorization Server	05:31
165	Spring Security Configuration	03:40
166	A request for Authorization Code	04:59
167	Exchange Authorization Code for JWT Access Token	06:07
168	Creating and Configure Resource Server	03:52
169	Resource Server API Endpoint	04:19
170	Consume protected API Endpoints	03:39
171	Project Overview	03:41
172	OAuth2 Client-related configuration	04:42
173	Reading the JWT Access Token	02:53
174	Sending HTTP Request	03:44
175	Trying how it works	01:39

Unlock unlimited learning

Get instant access to all 174 lessons in this course, plus thousands of other premium courses. One subscription, unlimited knowledge.

Learn more about subscription

What courses are similar to OAuth 2.0 in Spring Boot Applications?

Updated 3y ago
Java Spring Tutorial Masterclass - Learn Spring Framework 5
By: Udemy
There is no doubt that having Spring Framework skills on your résumé will make you a more employable Java developer. Spring developers are in high demand and ar
45h 18m
Updated 2y ago
Deploy Spring Boot Microservices on AWS ECS with Fargate
By: Udemy
This course is for Java developers interested in learning how to deploy Spring Boot Microservices on AWS cloud using AWS ECS(Elastic Container Service). By the
7h 1m
Updated 2y ago
The Complete Spring Boot Development Bootcamp
By: Udemy
Spring Boot is the best Java framework for developing web applications. It favors convention over configuration, making it super easy to develop stand-alone, pr
17h 59m
Updated 2y ago
Learn Spring 5, Boot 2, JPA, Thymeleaf, AOP, Web MVC, REST
By: Udemy
Master Modern Spring Boot, Spring Web MVC, AOP, Hibernate, Thymeleaf, JPA, Spring Security, RESTful services. Spring is, by far, the most popular framework for
16h 37m
Updated 2y ago
Build Reactive RESTFUL APIs using Spring Boot/WebFlux
By: Udemy
Learn to write reactive programming in Spring using WebFlux/Reactor and build Reactive RESTFUL APIs. This course is structured to give you both the theoretical
9h 34m
Updated 2y ago
Event-Driven Microservices, CQRS, SAGA, Axon, Spring Boot
By: Udemy
In this video course, you will learn how to build business logic that spans several distributed Spring Boot Microservices. This course is designed for beginners
8h 55m
Updated 2y ago
Microservices: Clean Architecture, DDD, SAGA, Outbox & Kafka
By: Udemy
Hi there! My name is Ali Gelenler. I'm here to help you learn microservices architecture while applying Clean and Hexagonal Architectures and using Domain Drive
18h 2m

More courses by Udemy

New
React - The Complete Guide
React: The Complete Guide by Maximilian Schwarzmüller — original 2022 edition covering React hooks, Redux, Context API, Next.js basics.
47h 42m5/5
Updated 3y ago
Complete C# Unity Game Developer 3D
This is the long-awaited sequel to the Complete Unity Developer - one of the most popular e-learning courses on the internet!
30h 34m
Updated 3y ago
Nest.js Microservices: Build & Deploy a Scaleable Backend
Nest.js is an incredible backend framework that allows us to build scaleable Nodejs backends with very little complexity. A Microservice architecture is a popul
5h 39m5/5
Updated 3y ago
The HTML & CSS Bootcamp 2023 Edition
Brand new HTML & CSS course, just released in February 2023 Check out the promo video to see the beautiful, responsive projects we build in this course!
37h 18m5/5
Updated 3y ago
Microservices with Node JS and React
Event-Based Architecture? Covered! Server side rendering with React? Yep. Scalable, production-ready code? Its here!
54h 13m5/5
FreeClassic
100 Days of Code - The Complete Python Pro Bootcamp for 2023
Watch the 100 Days of Code Python Pro Bootcamp free: 100 daily projects covering Python basics, web scraping, data science, automation and GUI apps.
58h 35m5/5

Frequently asked questions

What prerequisites are needed before taking the course?

Before enrolling in the course, a solid understanding of Java and prior experience with Spring Boot are necessary. No prior knowledge of OAuth 2.0 is required, as the course is designed to teach OAuth security from the basics.

What projects or applications will I build during the course?

During the course, you will build a Spring MVC application that calls a protected Resource Server behind an API Gateway. Additionally, you will create a JavaScript app that utilizes PKCE to obtain JWT access tokens and learn to refresh expired tokens.

Who is the target audience for this course?

This course is ideal for Java developers with experience in Spring Boot who want to integrate OAuth 2.0 security into their applications. The course is also suitable for those interested in exploring modern application security practices.

How does the depth of this course compare to other OAuth 2.0 courses?

The course offers a comprehensive journey through OAuth 2.0, starting from basic concepts to practical applications. It covers different OAuth flows, Keycloak setup, and Spring Security integration, providing a hands-on approach to these topics.

What tools and platforms will I use in the course?

You will use Keycloak to set up authorization servers and manage realms, clients, and users. The course also involves setting up and configuring Spring Security, Spring Cloud API Gateway, and Eureka for service discovery.

What topics are not covered in the course?

The course does not cover non-Spring Boot frameworks or languages other than Java. It focuses exclusively on OAuth 2.0 within the Spring Boot context, using Keycloak and Spring Security for implementation.

What is the expected time commitment to complete the course?

The course consists of 175 lessons. While the total runtime is not specified, prospective students should plan for a significant time investment to work through the lessons and practical exercises thoroughly.