chapter four

4 Accessing a secured microservice via a single-page application

This chapter covers

How to build a SPA using Angular and Spring Boot to talk to a secured microservice
How to overcome Cross-Origin Resource Sharing (CORS) related issues
How to login to a SPA with OpenID Connect

4.1 Running a single-page application with Angular

4.1.1 Building and running an Angular application from the source code

4.1.2 Behind the scenes of a single-page application

4.2 Setting up cross-origin resource sharing (CORS)

4.2.1 The same-origin policy

4.2.2 Cross-origin resource sharing (CORS)

4.2.3 Inspecting the source that allows cross-origin requests

4.2.4 Proxying the resource server with an API gateway

4.3 Securing a SPA with OpenID Connect

4.3.1 The OpenID Connect login flow

4.3.2 Inspecting the code of the applications.

4.4 Federated authentication

4.4.1 Multiple trust domains

4.4.2 Building trust between domains

4.5 Summary

@font-face { font-family: 'livebook'; src:url('https://d19npu3b8zepp3.cloudfront.net/assets/fonts/livebook.eot?1.9.0'); src:url('https://d19npu3b8zepp3.cloudfront.net/assets/fonts/livebook.eot?1.9.0') format('embedded-opentype'), url('https://d19npu3b8zepp3.cloudfront.net/assets/fonts/livebook.woff?1.9.0') format('woff'), url('https://d19npu3b8zepp3.cloudfront.net/assets/fonts/livebook.ttf?1.9.0') format('truetype'), url('https://d19npu3b8zepp3.cloudfront.net/assets/fonts/livebook.svg?1.9.0') format('svg'); font-weight: normal; font-style: normal; }