OAuth2 Authorization Server. This program is built with Java and Spring Boot and can be used to register and authenticate users and resource applications in an advanced way. The service can also be used as a registration server.
my website: https://alirezaalijani.ir
- Oauth service
- Authentication and Authorization forms
- Use failed attempts to block access
- Use java email client to send emails
- Different accesses for users
- Creating a professional and encrypted link to verify user actions (email verification)
- Create an html email template and send asymmetric emails
- Use Google recaptcha
- Jwt for api authentication
- Securing webservice
- Dockerized application with docker-compose
- Authentication & Authorization server
- Account validation
- User management
- Distributed service
- Docker : Get Started
- docker-compose : Overview of Docker Compose
- maven : How to use or Download
- java 17
- Download or clone the project

```bash
git clone https://github.com/alirezaalj/Spring-Security-Authorization-Service.git
```

or

```bash
wget https://github.com/alirezaalj/Spring-Security-Authorization-Service/archive/refs/heads/master.zip
```

- Go to the project folder and open a command line there

```bash
cd Spring-Security-Authorization-Service
cp config-repository-copy/* config-repository/
cd config-repository
git init
git add .
git commit -m "Initial commit"
cd ..
```
- A `gmail` account or another SMTP email account. `gmail` no longer supports Allow Less Secure App, so you should use other mail hosting.
- If using `gmail`, first follow these two steps (no longer supported):
  1. Two-Step Verification should be turned off.
  2. Allow Less Secure App should be turned on.
- Add your email info and host info to the `conf/config-repository/oauth-mail.yml` file:

```yaml
my-spring:
  mail:
    host: <your smtp host> # your smtp host
    port: 587 # your smtp host port
    username: <your_emai_account> # your smtp account username
    password: <your_email_accunt_password> # your smtp account password
    properties:
      mail:
        smtp:
          auth: true
          connectiontimeout: 5000
          timeout: 5000
          writetimeout: 5000
          starttls:
            enable: true # true if your host has TLS enabled, else set false
```
- After any change in `conf/config-repository` you must run `git commit -m "Config commit"`
- Change the `config-dev.env` file configs:
- In the application folder

```bash
cd Spring-Security-Authorization-Service
```

build the jar file and Docker image

```bash
mvn clean install -DskipTests
```

- Run the application with docker compose

```bash
cd docker-compose
docker-compose --env-file config-dev.env up
```

The application is ready at http://localhost:9000/

Use Postman for OAuth client authorization: pkce, authorization_code
https://www.postman.com/warped-station-341723/workspace/spring-auth-server/overview

By default the application adds 3 OAuth clients.
- Stop the application with docker compose

```bash
cd docker-compose
docker-compose --env-file config-dev.env down
```
- maven : How to use or Download
- java 17
- A `gmail` account or another SMTP email account. `gmail` no longer supports Allow Less Secure App, so you should use other mail hosting.
- If using `gmail`, first follow these two steps (no longer supported):
  1. Two-Step Verification should be turned off.
  2. Allow Less Secure App should be turned on.
- Add your email info and host info to the `conf/config-repository/oauth-mail.yml` file:

```yaml
my-spring:
  mail:
    host: smtp.gmail.com # your smtp host
    port: 587 # your smtp host port
    username: <your_emai_account> # your smtp account username
    password: <your_email_accunt_password> # your smtp account password
    properties:
      mail:
        smtp:
          auth: true
          connectiontimeout: 5000
          timeout: 5000
          writetimeout: 5000
          starttls:
            enable: true # true if your host has TLS enabled, else set false
```
- postgres: run `postgres` on port `5432` with username `postgres` and password `postgres`
- I suggest using Docker
- dockerhub: https://hub.docker.com/_/postgres
- Use these commands to pull and use postgres with Docker
- Pull and run PostgreSQL with Docker, setting the password to postgres, on port 5432:

```bash
docker run --name postgresql-container -p 5432:5432 -e POSTGRES_PASSWORD=postgres -d postgres
```

- Create a new database named oauth_server_db:

```bash
docker exec -it postgresql-container psql -U postgres -c "CREATE DATABASE oauth_server_db;"
```

- You can use pgadmin4 to connect to PostgreSQL
- If you are running PostgreSQL on your machine, you can change the `conf/config-repository/oauth-postgres.yml` file:

```yaml
postgres:
  host: localhost
  db: oauth_server_db # database name
  user: postgres # username
  pass: postgres # password
  port: 5432 # port
```
- A Redis server is used for saving login failures, but you can run the project without Redis by changing `conf/config-repository/oauth-app.yml`
...
login:
theme: default
validator:
validate-url: ${application.info.host}/verification/{path}/{token}
fall:
service: memory # login failures will be saved on memory
max-attempt: 10
expire-after:
duration: 1
unit: DAYS
...
...
login:
theme: default
validator:
validate-url: ${application.info.host}/verification/{path}/{token}
fall:
service: redis # login failures will be saved on redis
...
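How the `fall` settings shown above (`max-attempt: 10`, `expire-after` of 1 `DAYS`) can behave with `service: memory`, as an added Java example that is not the project's own code. The class and method names and the fixed-window policy (the window starts at the first failure and is not extended) are assumptions.

```java
import java.time.Duration;
import java.time.Instant;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

// Added illustration; hypothetical names, not a class from the project.
public class LoginFailureTracker {
    private record Entry(int failures, Instant expiresAt) {}

    private final Map<String, Entry> entries = new ConcurrentHashMap<>();
    private final int maxAttempt;        // fall.max-attempt
    private final Duration expireAfter;  // fall.expire-after

    public LoginFailureTracker(int maxAttempt, Duration expireAfter) {
        this.maxAttempt = maxAttempt;
        this.expireAfter = expireAfter;
    }

    // Record one failed login for a key (for example a username or client address).
    public void loginFailed(String key, Instant now) {
        entries.merge(key, new Entry(1, now.plus(expireAfter)),
            (old, fresh) -> old.expiresAt().isAfter(now)
                ? new Entry(old.failures() + 1, old.expiresAt()) // same window
                : fresh);                                        // window elapsed
    }

    // A successful login clears the counter.
    public void loginSucceeded(String key) {
        entries.remove(key);
    }

    public boolean isBlocked(String key, Instant now) {
        Entry e = entries.get(key);
        if (e == null) return false;
        if (!e.expiresAt().isAfter(now)) { // expired: forget the entry
            entries.remove(key, e);
            return false;
        }
        return e.failures() >= maxAttempt;
    }

    public static void main(String[] args) {
        LoginFailureTracker tracker = new LoginFailureTracker(10, Duration.ofDays(1));
        Instant t0 = Instant.parse("2024-01-01T00:00:00Z"); // constructed sample time
        for (int i = 0; i < 10; i++) tracker.loginFailed("alice", t0.plusSeconds(i));
        System.out.println(tracker.isBlocked("alice", t0.plusSeconds(60)));
        System.out.println(tracker.isBlocked("alice", t0.plus(Duration.ofDays(1)).plusSeconds(1)));
        System.out.println(tracker.isBlocked("bob", t0));
    }
}
```

Counters kept this way live in a single JVM and are lost on restart, so several instances of the service would each count separately; a shared store such as the `redis` option avoids that.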
- Redis: run `redis` on port `6379` with no username and password
- I suggest using Docker
- dockerhub: https://hub.docker.com/_/redis
- Use these commands to pull and use Redis with Docker
- Pull and run Redis with Docker on port `6379`:

```bash
docker run --name my-redis -p 6379:6379 -d redis
```
- Go to the project folder

```bash
cd "Oauth Authorzation Project"
```

and open this directory with your IDEA
- Open the `config-server` module
- Copy all files inside `conf/config-repository-copy/` to `conf/config-repository/`
- Open a command line in `config-repository` and run these commands:

```bash
git init
git add .
git commit -m "Initial commit config repo"
```

- After any change to files in `conf/config-repository/` you must commit them; the config server can then pull them and make them available to other services
- Start with spring-boot-maven-plugin from your IDEA

```bash
# or run from the command line
cd config-server
# and
mvn spring-boot:run
```
- The project starts on port 8888, and you can see the console logging
- The configs are available at these URLs (you can check them). Username: `spring_config_user`, password: `spring_config_user`
- http://localhost:8888/oauth-app.yml
- http://localhost:8888/oauth-application.yml
- http://localhost:8888/oauth-base.yml
- http://localhost:8888/oauth-mail.yml
- http://localhost:8888/oauth-postgres.yml
- http://localhost:8888/oauth-redis.yml
- If you see an error like:

```
error: invalid remote: origin
```

it is because of a bad configuration. Try changing the configuration file `config-server/src/main/resources/application.yml` and change `uri` to the absolute path of `conf/config-repository`:

```yaml
config:
  server:
    git:
      uri: /home/user/Oauth2-Authorization-Project/conf/config-repository # path to the 'conf/config-repository' directory; you can replace it with an absolute path
      default-label: master
```
- `postgresql` is running
- `redis` is running (if using redis in the fall config)
- `config-server` is running
- `email` is configured
Start with spring-boot-maven-plugin from your IDEA

```bash
# or run from the command line
cd authorization-server
# and
mvn spring-boot:run
```

The application is ready at http://localhost:9000/
The reCAPTCHA is disabled. If you have a reCAPTCHA `key` and `secret` for your domain, configure them, set `enable: true`, and commit the changes inside config-repository, in `conf/config-repository/oauth-app.yml`:

```yaml
google:
  recaptcha:
    enable: false
    key:
      site: <your google key-site> # your google key-site for domain like: localhost
      secret: <your google key-secret> # your google key-secret for domain like: localhost
```
- All configs are static in the class
authorization-server/src/main/java/ir/alirezaalijani/security/authorization/service/initializers/DataSourceInitializer.java
- You can read more about Oauth2
Login page:
Registering Page:
Forget Password:
Contact page:
Email Verification Template: