A simple example that uses Spring Boot, Spring Cloud OAuth2, Spring Security and Netflix Zuul to demo how to configure an OAuth2 server, UI server and resource server. It uses JWT as the token rather than a user-info URI to get the authorized user's info.
oauth2 authentication provider
- context-path: /uaa
- serve port: 8804
- client details: in class `com.cloume.ncee.OAuthConfiguration`
provides an API /test that says HELLO, WORKS
- proxy access to ui-server and resource-server
  - /api/** -> http(s)://{resource-server-hostname}
  - / -> http(s)://{ui-server-hostname}
- homepage: /hello
- users: added in the `ncee-oauth` project, class `com.cloume.ncee.NceeAuthServerApplication`
- ui-server (as oauth2 client) may have its own user system
- missing `com.cloume.common` packages can be found in repo https://github.com/HQIT/maven-repo (Issue #2)
- if ui-server and oauth2-server are launched on the same host (even on different ports), set one of the servers' context-path to anything but `/`, because their `Set-Cookie` headers will override each other and make login fail (the error log reports some CSRF exception, but that is not the cause). The real reason is that the JSESSIONID change causes the OAuthClientContext to be regenerated.
- JWT: a symmetric key (123) is used in the example; an asymmetric one would be better! Embed a .jks in the project; tutorials are available on Google (or bing.com) and other search engines.
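
The same-host cookie collision described in the note above, replayed with Python's standard-library cookie jar (an added example, not code from this project). The ui-server port 8080 and the session ID values are assumptions constructed for the illustration; port 8804, `/uaa` and `/hello` come from this page.

```python
import email.message
from http.cookiejar import CookieJar
from urllib.request import Request

UI = "http://localhost:8080"    # assumed ui-server port (not stated on the page)
UAA = "http://localhost:8804"   # oauth2-server port from the page


class FakeResponse:
    """Minimal response object carrying one constructed Set-Cookie header."""

    def __init__(self, set_cookie):
        self._headers = email.message.Message()
        self._headers["Set-Cookie"] = set_cookie

    def info(self):
        return self._headers


def cookie_sent_to_ui(ui_context_path, uaa_context_path):
    """Replay the login redirects and return the Cookie header that the
    client sends back to ui-server afterwards."""
    jar = CookieJar()  # keyed by (domain, path, name); the port is not part of the key

    def visit(base, context_path, session_id):
        # Servlet containers scope JSESSIONID to the context path ("/" for root).
        path = context_path or "/"
        header = f"JSESSIONID={session_id}; Path={path}; HttpOnly"
        jar.extract_cookies(FakeResponse(header), Request(base + context_path + "/login"))

    visit(UI, ui_context_path, "UI-SESSION")     # 1. ui-server creates its session
    visit(UAA, uaa_context_path, "UAA-SESSION")  # 2. redirect to the oauth2-server login

    back = Request(UI + ui_context_path + "/hello")  # 3. redirect back to ui-server
    jar.add_cookie_header(back)
    return back.get_header("Cookie")


if __name__ == "__main__":
    # Both servers at the root context: the second Set-Cookie replaces the first,
    # so ui-server no longer sees the session that holds its OAuth2 client state.
    print("both at '/':    ", cookie_sent_to_ui("", ""))
    # oauth2-server under /uaa, as configured on this page: sessions stay separate.
    print("uaa under /uaa: ", cookie_sent_to_ui("", "/uaa"))
```
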
good luck!