12 How does OAuth 2 work?
This chapter covers
- What is OAuth 2
- An introduction to implementing the OAuth 2 framework with Spring Security
- Developing an application which uses Single Sign-On (SSO) with OAuth 2
If you’re already working with OAuth 2, I know what you’re thinking: OAuth 2 framework is a vast subject that could take an entire book to cover. And I can’t argue with this, but with four chapters, you’ll learn everything you need to know about applying OAuth 2 with Spring Security. We start in this chapter with an overview where you’ll discover that the main actors in the OAuth 2 framework are the user, the Client, the resource server, and the authorization server. After the general introduction, you’ll learn how to use Spring Security to implement the Client. Then, in chapters 13 to 15, we discuss implementing the last two components: the resource server and the authorization server. I’ll give you examples and apps you can adapt to any of your real-world scenarios.
To reach this goal, in this chapter, we discuss what OAuth 2 is, and then we apply it within an application focused on authentication with single sign-on (SSO). The reason why I like starting teaching this subject with the example of a Single Sign-On (SSO): It’s very simple but also very useful – it allows you to have an overview of OAuth 2, and it gives you the satisfaction of implementing a fully working application without writing too much code.