Skip to content
/ authorization Public

This is my custom Authorization server built using Spring Authorization Server.

authorization.sonam.cloud/issuer

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sonamsamdupkhangsar/authorization

BranchesTags

Repository files navigation

My Customization of Spring Authorization Server

This is a customization of the Spring Authorization Server which implements OAuth2.1 and OpenID Connect 1.0 specifications.

Purpose

This authorization service will be used for issuing access-token/refresh tokens for services.

This application also exposes a rest client for OAuth Client registration at endpoint clients/.

This app will communicate with the following two external services: authentication-rest-service for authenticating user with username and password. application-rest-service for getting user roles.

Run

For running locally using local profile: ./gradlew bootRun --args="--spring.profiles.active=local"

In IntelliJ open Run and add environment variable :'spring.profiles.active=local

Build Docker image

Gradle build:

./gradlew bootBuildImage --imageName=name/my-spring-authorization-server

Docker build passing in username and personal access token varaibles into docker to be used as environment variables in the gradle build.gradle file for pulling private maven artifact:

docker build --secret id=USERNAME,env=USERNAME --secret id=PERSONAL_ACCESS_TOKEN,env=PERSONAL_ACCESS_TOKEN . -t my/auth-servier

Pass local profile as argument:

 docker run -e --spring.profiles.active=local -p 9001:9001 -t myorg/myapp

Authentication process

flowchart TD
 User -->login[/Login with username password/]
 login --get userId for loginId from--> userRestService["user-rest-service"]
 userRestService --> getUserId{is there a userId with this login-id?}
 getUserId-->|Yes|clientOrganizationRepo[(clientOrganization)]
 clientOrganizationRepo --get organization for clientid-->checkClientInOrg{is client id associated to a organization?}
 getUserId -->|No, userId not found|returnError[BadCredentialException]
 
 
 checkClientInOrg -->|Yes|clientIsInOrg[client is associated to org]
 checkClientInOrg -->|No|checkClientInUserRelationship["check if client is associated to user only"]
 clientIsInOrg --call--> orgRestService["organization-rest-service"]
 orgRestService --> checkUserExistsInOrg{does user Exists in a org?} 
 checkUserExistsInOrg -->|Yes|authenticate["authentication-rest-service"]
 
 checkUserExistsInOrg -->|No|checkClientInUserRelationship 
 
 authenticate --> receiveRoles[receive roles for user]
 checkClientInUserRelationship -->clientUserRepo[(clientUser)]
 clientUserRepo --> clientAssociatedToUser{is client associated to user?}
 clientAssociatedToUser -->|Yes|authenticate
 clientAssociatedToUser -->|No|returnError
Loading

About

This is my custom Authorization server built using Spring Authorization Server.

authorization.sonam.cloud/issuer

Topics

oauth2 oauth2-provider oauth2-server spring-authorization-server

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages