Institute of Computer Science
Enterprise System Integration (MTAT.03.229), 2023/24 spring


Session 9.4: Spring Boot Security - Authorization with OAuth2 - [Extra - not part of the course]

1. Clone the following repository

$ git clone https://github.com/M-Gharib/ESI-W9.4.git

If you want to create a new Spring Boot project from scratch instead, add the following dependencies (Spring Initializr names) for both the Product and Inventory services:

  • Spring Web
  • Spring Security
  • OAuth2 Client
  • Thymeleaf

OAuth2 key actors

There are four key actors in OAuth2:

  1. Resource Owner: the user (or other entity) who owns the protected resource and can grant access to it.
  2. Resource Server: hosts the protected resource and serves it only to requests that carry a valid access token.
  3. Client: the application that wants to access the resource on the owner's behalf.
  4. Authorization Server: authenticates the resource owner, asks for their consent, and issues access tokens to the client.

In this session the client is your Spring Boot app, GitHub acts as both the authorization server and the resource server, and the resource is your GitHub profile.

How OAuth2 works

(Figure: OAuth2 mechanism)

  • The Client sends an authorization request to the Authorization Server by redirecting the Owner's browser there with its client-id, its callback URL, the requested scope and a random state value.
  • The Authorization Server authenticates the Owner and requests permission from the Owner.
  • If the Owner consents, the Authorization Server redirects the browser back to the Client's callback URL with a short-lived authorization code; the Client exchanges that code for a token directly with the Authorization Server, proving its identity with its client-secret.
  • The Client can use the token (sent as a Bearer token) to obtain the Resource from the Resource Server.
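The exchange above, written out as an added example so that each message is visible. This is not code from the ESI-W9.4 repository: Spring Security performs exactly these steps for you behind oauth2Login, which is what the rest of this session relies on. GitHub's three endpoint URLs are real; the client id, client secret, redirect URI and the two callback query strings in main() are constructed for illustration.

```java
// Added example, not code from the ESI-W9.4 repository: the authorization-code
// exchange that Spring Security performs behind oauth2Login, written out with
// java.net.http. GitHub's endpoint URLs are real; client id, secret, redirect URI
// and the callback query strings in main() are constructed for illustration.
import java.net.URI;
import java.net.URLEncoder;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Map;
import java.util.Optional;

public class GitHubCodeFlow {
    static final String AUTHORIZE_URL = "https://github.com/login/oauth/authorize";
    static final String TOKEN_URL     = "https://github.com/login/oauth/access_token";
    static final String USER_API      = "https://api.github.com/user";

    private final String clientId, clientSecret, redirectUri;
    private final HttpClient http = HttpClient.newHttpClient();

    GitHubCodeFlow(String clientId, String clientSecret, String redirectUri) {
        this.clientId = clientId;
        this.clientSecret = clientSecret;
        this.redirectUri = redirectUri;
    }

    /** Fresh, unguessable state for one login attempt; the client keeps it in the
     *  user's session so the callback can be tied to the request that started it. */
    static String newState() {
        byte[] random = new byte[32];
        new SecureRandom().nextBytes(random);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(random);
    }

    /** Step 1: the authorization request, delivered by redirecting the browser. */
    String authorizationUrl(String state) {
        return AUTHORIZE_URL + "?response_type=code"
                + "&client_id=" + enc(clientId)
                + "&redirect_uri=" + enc(redirectUri)
                + "&scope=" + enc("read:user")
                + "&state=" + enc(state);
    }

    /** Step 3: GitHub redirected the browser back to redirectUri with code and state.
     *  The code is accepted only when the state matches the one stored in the session;
     *  otherwise an attacker could make the victim's browser complete a login that the
     *  attacker started (login CSRF). */
    static Optional<String> codeFromCallback(Map<String, String> query, String expectedState) {
        if (expectedState == null || !expectedState.equals(query.get("state"))) {
            return Optional.empty();
        }
        return Optional.ofNullable(query.get("code"));
    }

    /** Step 3, continued: exchange the one-time code for an access token. This is a
     *  server-to-server POST in which the client proves its identity with the secret,
     *  which is why the secret never has to reach the browser. */
    String exchangeCode(String code) throws Exception {
        String form = "client_id=" + enc(clientId) + "&client_secret=" + enc(clientSecret)
                + "&code=" + enc(code) + "&redirect_uri=" + enc(redirectUri);
        HttpRequest request = HttpRequest.newBuilder(URI.create(TOKEN_URL))
                .header("Accept", "application/json")
                .header("Content-Type", "application/x-www-form-urlencoded")
                .POST(HttpRequest.BodyPublishers.ofString(form))
                .build();
        HttpResponse<String> response = http.send(request, HttpResponse.BodyHandlers.ofString());
        // JSON of the form {"access_token":"...","token_type":"bearer","scope":"read:user"}
        return response.body();
    }

    /** Step 4: present the token to the resource server as a Bearer token. */
    String fetchUser(String accessToken) throws Exception {
        HttpRequest request = HttpRequest.newBuilder(URI.create(USER_API))
                .header("Authorization", "Bearer " + accessToken)
                .header("Accept", "application/vnd.github+json")
                .GET().build();
        return http.send(request, HttpResponse.BodyHandlers.ofString()).body();
    }

    private static String enc(String s) {
        return URLEncoder.encode(s, StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        // Constructed credentials; the redirect URI is Spring Security's default for "github".
        GitHubCodeFlow flow = new GitHubCodeFlow("constructed-client-id", "constructed-secret",
                "http://localhost:8090/login/oauth2/code/github");
        String state = newState();
        System.out.println("Step 1, redirect the browser to:\n  " + flow.authorizationUrl(state));

        // Constructed callbacks, as the browser would deliver them after consent.
        Map<String, String> genuine = Map.of("code", "c0de123", "state", state);
        Map<String, String> forged  = Map.of("code", "c0de123", "state", "attacker-chosen");
        System.out.println("Step 3, genuine callback -> " + codeFromCallback(genuine, state));
        System.out.println("Step 3, forged callback  -> " + codeFromCallback(forged, state));

        // The network steps need a real code and token, so they run only when supplied:
        //   java GitHubCodeFlow <authorization-code> [<access-token>]
        if (args.length >= 1) System.out.println(flow.exchangeCode(args[0]));
        if (args.length >= 2) System.out.println(flow.fetchUser(args[1]));
    }
}
```

Run with no arguments to see the authorization URL and the state check (the forged callback yields Optional.empty); the actual code exchange and profile fetch against GitHub only run when a real code and token are passed on the command line.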

Create a GitHub OAuth2 App

You must have an account on GitHub.com to complete this task. Create a new OAuth App as follows:

2. GitHub (logged in) -> Settings -> Developer settings -> OAuth Apps -> New OAuth App

(Figure: New OAuth App form on GitHub)

3. Enter an Application name of your choice, then the Homepage URL and the Authorization callback URL. For our example both can be the address the app runs on, http://localhost:8090. The callback that Spring Security actually uses is http://localhost:8090/login/oauth2/code/github (its default redirect-uri template is {baseUrl}/login/oauth2/code/{registrationId}); GitHub accepts it because that path lies under the registered callback URL, but registering the exact callback URL is the stricter choice, since the registered callback is what stops an authorization code from being sent to a page you did not intend. Then press the Register application button.

4. Once the app is registered, GitHub shows its Client ID and lets you generate a Client Secret; both are needed by the Spring Boot OAuth2 client and go into the application.properties of your app. In a .properties file a # starts a comment only at the beginning of a line (a # after the value would become part of the value), so keep the comments on their own lines, and keep the secret out of version control, for example by reading it from an environment variable:

# application.properties
# Client ID and secret from the GitHub OAuth App page, read from the
# environment so that the secret is not committed with the source
spring.security.oauth2.client.registration.github.client-id=${GITHUB_CLIENT_ID}
spring.security.oauth2.client.registration.github.client-secret=${GITHUB_CLIENT_SECRET}

For a quick local test you can paste the literal values instead; if the secret is ever committed or otherwise leaks, regenerate it on the GitHub OAuth App page.

5. We have created a simple web page (index.html) that can be found under the resources/templates directory. It just prints "Oauth2 example", and Spring Security serves it only after the user has been authenticated.

<!DOCTYPE html>
<html>
<head>
    <meta charset="UTF-8">
    <title>Just Testing</title>
</head>

<body>
    <h1>Oauth2 example</h1>
</body>
</html>

6. Run your application and visit http://localhost:8090. You will be redirected to the GitHub login page, where you are prompted to enter your GitHub credentials and, on first use, to approve the app's access to your account. After logging in, GitHub sends the browser back to the app, which completes the login and shows the protected page.

Note: If you are already logged in to GitHub, you will not see the login page: the browser is bounced through GitHub's authorize endpoint and straight back to the app (after the first consent, without a consent prompt either). To watch the whole flow, log out from GitHub before visiting http://localhost:8090.
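What makes index.html a protected page: the repository relies on Spring Boot's auto-configuration, which, when a client registration is present and no SecurityFilterChain bean is defined, requires authentication for every request and enables oauth2Login. The added example below is not code from the ESI-W9.4 repository; it writes that configuration out explicitly and adds a controller that passes the authenticated GitHub user to the template. It assumes Spring Boot 3 / Spring Security 6 with the starters listed above, and the package name is made up.

```java
// Added example, not code from the ESI-W9.4 repository: an explicit SecurityFilterChain
// equivalent to what Spring Boot auto-configures for a registered OAuth2 client, plus a
// controller that passes the authenticated GitHub user to index.html. Assumes Spring
// Boot 3 / Spring Security 6 and the starters listed above; the package name is made up.
package ee.ut.esi.oauth;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.oauth2.core.user.OAuth2User;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;

@Configuration
@EnableWebSecurity
class SecurityConfig {

    @Bean
    SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
            // Every URL, including "/", needs an authenticated session. The error
            // page is left open so that a failed request can still render an error
            // instead of being redirected to GitHub once more.
            .authorizeHttpRequests(auth -> auth
                .requestMatchers("/error").permitAll()
                .anyRequest().authenticated())
            // Turns on the GitHub login: an unauthenticated request is redirected to
            // /oauth2/authorization/github, which sends the browser to GitHub with a
            // random state; GitHub redirects back to /login/oauth2/code/github, where
            // Spring checks the state, exchanges the code for a token using the
            // client-id/secret from application.properties, and calls GitHub's /user
            // endpoint to build the OAuth2User principal.
            .oauth2Login(Customizer.withDefaults())
            // POST /logout (with the CSRF token) ends the app session only; it does
            // not end the GitHub session, so the next visit logs in again silently.
            .logout(logout -> logout.logoutSuccessUrl("/").permitAll());
        return http.build();
    }
}

@Controller
class HomeController {

    // Reached only after oauth2Login succeeded; the principal carries the JSON
    // attributes GitHub returned for the user (login, id, name, avatar_url, ...).
    @GetMapping("/")
    String index(@AuthenticationPrincipal OAuth2User user, Model model) {
        model.addAttribute("login", user.getAttribute("login"));
        return "index";   // resources/templates/index.html
    }
}
```

With this controller in place, index.html can show who is signed in with a Thymeleaf expression such as th:text="'Signed in as ' + ${login}" on a paragraph; the page is still only reachable through the GitHub login, because the filter chain rejects unauthenticated requests before the controller runs.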

(Figure: ESIOAuthApp login page on GitHub)
Institute of Computer Science, Faculty of Science and Technology, University of Tartu