# Introduction [![License](https://img.shields.io/badge/License-Apache%20License%202.0-brightgreen.svg)](http://www.apache.org/licenses/LICENSE-2.0.txt) ![Java CI](https://github.com/andifalk/secure-oauth2-oidc-workshop/workflows/Java%20CI/badge.svg) [![Release](https://img.shields.io/github/release/andifalk/secure-oauth2-oidc-workshop.svg?style=flat)](https://github.com/andifalk/secure-oauth2-oidc-workshop/releases) ## OAuth 2.0 / OpenID Connect Workshop Authentication and authorization for Microservices with OAuth 2.0 (OAuth2) and OpenID Connect 1.0 (OIDC). This contains both, theory parts on all important concepts, and hands-on practice labs. **Table of Contents** * [Workshop Tutorial](https://andifalk.gitbook.io/openid-connect-workshop) * [Requirements and Setup](https://andifalk.gitbook.io/openid-connect-workshop/introduction/setup) * [Hands-On Workshop](#hands-on-workshop) * [Intro Labs](#intro-labs) * [Lab: Authorization Grant Flows in Action](https://andifalk.gitbook.io/openid-connect-workshop/intro-labs/oauth-grants) * [Demo: Auth Code Flow in Action](https://andifalk.gitbook.io/openid-connect-workshop/intro-labs/auth-code-demo) * [Demo: GitHub Client](https://andifalk.gitbook.io/openid-connect-workshop/intro-labs/github-client) * [Hands-On Labs](#hands-on-labs) * [Lab 1: Resource Server](https://andifalk.gitbook.io/openid-connect-workshop/hands-on-labs/lab1) * [Lab 2: Client (Auth Code)](https://andifalk.gitbook.io/openid-connect-workshop/hands-on-labs/lab2) * [Lab 3: Client (Client-Credentials)](https://andifalk.gitbook.io/openid-connect-workshop/hands-on-labs/lab3) * [Lab 4: Testing JWT Auth\&Authz](https://andifalk.gitbook.io/openid-connect-workshop/hands-on-labs/lab4) * [Lab 5: JWT Testing Server](https://andifalk.gitbook.io/openid-connect-workshop/hands-on-labs/lab5) * [Lab 6: SPA Client (Authz Code with PKCE)](https://andifalk.gitbook.io/openid-connect-workshop/hands-on-labs/lab6) * [Bonus Labs](#bonus-labs) * [Demo: Multi-Tenant Resource Server](https://andifalk.gitbook.io/openid-connect-workshop/bonus-labs/multi-tenant-server-app) * [Demo: Resource Server with Micronaut](https://andifalk.gitbook.io/openid-connect-workshop/bonus-labs/micronaut-server-app) * [Demo: Resource Server with Quarkus](https://andifalk.gitbook.io/openid-connect-workshop/bonus-labs/quarkus-server-app) * [Lab: Keycloak Testcontainers](https://andifalk.gitbook.io/openid-connect-workshop/bonus-labs/keycloak-test-containers) * [Feedback](#feedback) * [License](#license) ### Workshop Tutorial To follow the hands-on workshop please open the [workshop tutorial](https://andifalk.gitbook.io/openid-connect-workshop). ### Requirements and Setup For the hands-on workshop you will extend a provided sample application along with guided tutorials. The components you will build (and use) look like this: ![Architecture](https://4189093407-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LzvpQFqmIPIQLOTnN02%2F-LzvpxSC6eywXLt4xPDU%2F-Lzvpy7g-qurDrvL9yn7%2Fdemo-architecture.png?generation=1580478228544887\&alt=media) **Please check out the** [**complete documentation**](https://andifalk.gitbook.io/openid-connect-workshop/introduction/application-architecture) **for the sample application before starting with the first hands-on lab**. All the code currently is build using * [Spring Boot 2.4.x Release](https://spring.io/blog/2020/11/12/spring-boot-2-4-0-available-now) * [Spring Framework 5.3.x Release](https://spring.io/blog/2020/10/27/spring-framework-5-3-goes-ga) * [Spring Security 5.4.x Release](https://spring.io/blog/2020/09/10/spring-security-5-4-goes-ga) * [Spring Batch 4.3.x Release](https://spring.io/blog/2020/10/28/spring-batch-4-3-is-now-ga) All code is verified against the currently supported long-term version 11 of Java (The latest version 14 should work as well). To check system requirements and setup for this workshop please follow the [setup guide](https://andifalk.gitbook.io/openid-connect-workshop/introduction/setup). ### Hands-On Workshop #### Intro Labs * [Lab: Authorization Grant Flows in Action](https://andifalk.gitbook.io/openid-connect-workshop/intro-labs/oauth-grants) * [Demo: Authorization Code Grant Flow in Action](https://andifalk.gitbook.io/openid-connect-workshop/intro-labs/auth-code-demo) * [Demo: A pre-defined OAuth2 client for GitHub](https://andifalk.gitbook.io/openid-connect-workshop/intro-labs/github-client) #### Hands-On Labs * [Lab 1: OAuth2/OIDC Resource Server](https://andifalk.gitbook.io/openid-connect-workshop/hands-on-labs/lab1) * [Lab 2: OAuth2/OIDC Web Client (Auth Code Flow)](https://andifalk.gitbook.io/openid-connect-workshop/hands-on-labs/lab2) * [Lab 3: OAuth2/OIDC Batch Job Client (Client-Credentials Flow)](https://andifalk.gitbook.io/openid-connect-workshop/hands-on-labs/lab3) * [Lab 4: OAuth2/OIDC Testing Environment](https://andifalk.gitbook.io/openid-connect-workshop/hands-on-labs/lab4) * [Lab 5: OAuth2/OIDC Angular Client](https://andifalk.gitbook.io/openid-connect-workshop/hands-on-labs/lab5) #### Bonus Labs * [Demo: Multi-Tenant Resource Server](https://andifalk.gitbook.io/openid-connect-workshop/bonus-labs/multi-tenant-server-app) * [Demo: OAuth2/OIDC Resource Server with Micronaut](https://andifalk.gitbook.io/openid-connect-workshop/bonus-labs/micronaut-server-app) * [Demo: OAuth2/OIDC Resource Server with Quarkus](https://andifalk.gitbook.io/openid-connect-workshop/bonus-labs/quarkus-server-app) * [Lab: Keycloak Testcontainers](https://andifalk.gitbook.io/openid-connect-workshop/bonus-labs/keycloak-test-containers) ### Feedback Any feedback on this hands-on workshop is highly appreciated. Just send an email to *andreas.falk(at)novatec-gmbh.de* or contact me via Twitter (*@andifalk*). ### License Apache 2.0 licensed