Skip to content

Latest commit

 

History

History
42 lines (27 loc) · 1.67 KB

README.md

File metadata and controls

42 lines (27 loc) · 1.67 KB

A sample OAuth provider using spring security See http://porterhead.blogspot.co.uk/2014/05/securing-rest-services-with-spring.html

prerequisites: a running mongoDB instance on port 27017

to build: gradle clean build

to run: gradle tomcatRun

To register a new user:

curl -X POST -H "Content-Type: application/json"
-H "Authorization: Basic MzUzYjMwMmM0NDU3NGY1NjUwNDU2ODdlNTM0ZTdkNmE6Mjg2OTI0Njk3ZTYxNWE2NzJhNjQ2YTQ5MzU0NTY0NmM="
-d '{"user":{"emailAddress":"[email protected]"}, "password":"password"}'
'http://localhost:8080/oauth2-provider/v1.0/users'

Login:

curl -v -X POST
-H "Content-Type: application/json"
-H "Authorization: Basic MzUzYjMwMmM0NDU3NGY1NjUwNDU2ODdlNTM0ZTdkNmE6Mjg2OTI0Njk3ZTYxNWE2NzJhNjQ2YTQ5MzU0NTY0NmM="
'http://localhost:8080/oauth2-provider/oauth/token?grant_type=password&[email protected]&password=password'

to retrieve a user details:

curl -v -X GET
-H "Content-Type: application/json"
-H "Authorization: Bearer [your access token]"
'http://localhost:8080/oauth2-provider/v1.0/me'

To set up for production:

  1. Create a properties file in src/main/resources/properties called app-production.properties
  2. Override all relevant properties from src/main/resources/properties/application.properties
  3. Configure Mail Server by overriding values for mail server in app-production.properties
  4. Build and deploy war. Add System variable to start up command -Dspring.profiles.active=production
  5. Restrict access to all protected URLs via SSL only
  6. The velocity templates and html pages provided are basic and should be customised to your needs