> For the complete documentation index, see [llms.txt](https://andifalk.gitbook.io/openid-connect-workshop/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://andifalk.gitbook.io/openid-connect-workshop/master.md).

# Introduction

[![License](https://img.shields.io/badge/License-Apache%20License%202.0-brightgreen.svg)](http://www.apache.org/licenses/LICENSE-2.0.txt) ![Java CI](https://github.com/andifalk/secure-oauth2-oidc-workshop/workflows/Java%20CI/badge.svg) [![Release](https://img.shields.io/github/release/andifalk/secure-oauth2-oidc-workshop.svg?style=flat)](https://github.com/andifalk/secure-oauth2-oidc-workshop/releases)

## OAuth 2.0 / OpenID Connect Workshop

Authentication and authorization for Microservices with OAuth 2.0 (OAuth2) and OpenID Connect 1.0 (OIDC). This contains both, theory parts on all important concepts, and hands-on practice labs.

**Table of Contents**

* [Workshop Tutorial](https://andifalk.gitbook.io/openid-connect-workshop)
* [Requirements and Setup](/openid-connect-workshop/introduction/setup.md)
* [Hands-On Workshop](/openid-connect-workshop/master.md#hands-on-workshop)   &#x20;
  * [Intro Labs](/openid-connect-workshop/master.md#intro-labs)
    * [Lab: Authorization Grant Flows in Action](/openid-connect-workshop/intro-labs/oauth-grants.md)
    * [Demo: Auth Code Flow in Action](/openid-connect-workshop/intro-labs/auth-code-demo.md)
    * [Demo: GitHub Client](/openid-connect-workshop/intro-labs/github-client.md)
  * [Hands-On Labs](/openid-connect-workshop/master.md#hands-on-labs)
    * [Lab 1: Resource Server](/openid-connect-workshop/hands-on-labs/lab1.md)
    * [Lab 2: Client (Auth Code)](/openid-connect-workshop/hands-on-labs/lab2.md)
    * [Lab 3: Client (Client-Credentials)](/openid-connect-workshop/hands-on-labs/lab3.md)
    * [Lab 4: Testing JWT Auth\&Authz](/openid-connect-workshop/hands-on-labs/lab4.md)
    * [Lab 5: JWT Testing Server](/openid-connect-workshop/hands-on-labs/lab5.md)
    * [Lab 6: SPA Client (Authz Code with PKCE)](/openid-connect-workshop/hands-on-labs/lab6.md)
  * [Bonus Labs](/openid-connect-workshop/master.md#bonus-labs) &#x20;
    * [Demo: Multi-Tenant Resource Server](/openid-connect-workshop/bonus-labs/multi-tenant-server-app.md)
    * [Demo: Resource Server with Micronaut](/openid-connect-workshop/bonus-labs/micronaut-server-app.md)
    * [Demo: Resource Server with Quarkus](/openid-connect-workshop/bonus-labs/quarkus-server-app.md)
    * [Lab: Keycloak Testcontainers](/openid-connect-workshop/bonus-labs/keycloak-test-containers.md)
* [Feedback](/openid-connect-workshop/master.md#feedback)
* [License](/openid-connect-workshop/master.md#license)   &#x20;

### Workshop Tutorial

To follow the hands-on workshop please open the [workshop tutorial](https://andifalk.gitbook.io/openid-connect-workshop).

### Requirements and Setup

For the hands-on workshop you will extend a provided sample application along with guided tutorials.

The components you will build (and use) look like this:

![Architecture](/files/-Lzvpy7g-qurDrvL9yn7)

**Please check out the** [**complete documentation**](/openid-connect-workshop/introduction/application-architecture.md) **for the sample application before starting with the first hands-on lab**.

All the code currently is build using

* [Spring Boot 2.4.x Release](https://spring.io/blog/2020/11/12/spring-boot-2-4-0-available-now)&#x20;
* [Spring Framework 5.3.x Release](https://spring.io/blog/2020/10/27/spring-framework-5-3-goes-ga)
* [Spring Security 5.4.x Release](https://spring.io/blog/2020/09/10/spring-security-5-4-goes-ga)
* [Spring Batch 4.3.x Release](https://spring.io/blog/2020/10/28/spring-batch-4-3-is-now-ga)

All code is verified against the currently supported long-term version 11 of Java (The latest version 14 should work as well).

To check system requirements and setup for this workshop please follow the [setup guide](/openid-connect-workshop/introduction/setup.md).

### Hands-On Workshop

#### Intro Labs

* [Lab: Authorization Grant Flows in Action](/openid-connect-workshop/intro-labs/oauth-grants.md)
* [Demo: Authorization Code Grant Flow in Action](/openid-connect-workshop/intro-labs/auth-code-demo.md)
* [Demo: A pre-defined OAuth2 client for GitHub](/openid-connect-workshop/intro-labs/github-client.md)

#### Hands-On Labs

* [Lab 1: OAuth2/OIDC Resource Server](/openid-connect-workshop/hands-on-labs/lab1.md)
* [Lab 2: OAuth2/OIDC Web Client (Auth Code Flow)](/openid-connect-workshop/hands-on-labs/lab2.md)
* [Lab 3: OAuth2/OIDC Batch Job Client (Client-Credentials Flow)](/openid-connect-workshop/hands-on-labs/lab3.md)
* [Lab 4: OAuth2/OIDC Testing Environment](/openid-connect-workshop/hands-on-labs/lab4.md)
* [Lab 5: OAuth2/OIDC Angular Client](/openid-connect-workshop/hands-on-labs/lab5.md)

#### Bonus Labs

* [Demo: Multi-Tenant Resource Server](/openid-connect-workshop/bonus-labs/multi-tenant-server-app.md)
* [Demo: OAuth2/OIDC Resource Server with Micronaut](/openid-connect-workshop/bonus-labs/micronaut-server-app.md)
* [Demo: OAuth2/OIDC Resource Server with Quarkus](/openid-connect-workshop/bonus-labs/quarkus-server-app.md)
* [Lab: Keycloak Testcontainers](/openid-connect-workshop/bonus-labs/keycloak-test-containers.md)

### Feedback

Any feedback on this hands-on workshop is highly appreciated.

Just send an email to *andreas.falk(at)novatec-gmbh.de* or contact me via Twitter (*@andifalk*).

### License

Apache 2.0 licensed
