indiepopart/spring-security-test
Tutorial: Simplify your Web Testing with Spring Security Test

This repository contains all the code for the Spring Security Test tutorial. It illustrates how to mock authenticated requests in integration tests for the OIDC authorization code flow, JWT authorization and opaque token authorization.

Prerequisites:

Getting Started

To install this example, run the following commands:

git clone https://github.com/indiepopart/spring-security-test.git

Configure the api-gateway

cd api-gateway

With the Okta CLI, register for a free developer account:

okta register

Provide the required information. Once you complete the registration, create a client application with the following command:

okta apps create

You will be prompted to select the following options:

  • Application name: api-gateway
  • Type of Application: Web
  • Type of Application: Okta Spring Boot Starter
  • Redirect URI: Default
  • Post Logout Redirect URI: Default

The Okta CLI will create the client application and write the issuer, clientId and clientSecret to src/main/resources/application.properties. Copy these values into application.yml as issuer, client-id and client-secret, then delete application.properties.

okta:
  oauth2:
    issuer: https://{yourOktaDomain}/oauth2/default
    client-id: {clientId}
    client-secret: {clientSecret}

Configure the listings microservice

Update the issuer in application.yml.

okta:
  oauth2:
    issuer: https://{yourOktaDomain}/oauth2/default

Configure the theaters microservice

cd theaters

With the Okta CLI, create a client application as described above, using the following settings:

  • Application name: theaters
  • Type of Application: Web
  • Type of Application: Spring Boot
  • Redirect URI: Default
  • Post Logout Redirect URI: Default

Update the issuer, client-id and client-secret in application.yml with the values from application.properties, then delete application.properties.

Configure the MongoDB Data files

Get the MongoDB dump files theaters.bson and theaters.metadata.json from GitHub. Also get the MongoDB dump files listingsAndReviews.bson and listingsAndReviews.metadata.json from GitHub. Place all files in the same folder. Then update the /db-dump volume mapping of the mongo service in docker/docker-compose.yml so that it points at the folder containing the dumps.

Build the applications image

Go through each project and build its Docker image with the following command:

./mvnw spring-boot:build-image

Run the applications with Docker Compose

cd docker
docker-compose up

Go to http://localhost:8080/userdata and log in to Okta. Copy the accessToken and set it as an environment variable, then call the listings endpoint through the gateway:

ACCESS_TOKEN={accessToken}
http POST http://localhost:8080/listing name=test "Authorization:Bearer ${ACCESS_TOKEN}"

You will see the following response:

HTTP/1.1 403 Forbidden
WWW-Authenticate: Bearer error="insufficient_scope", error_description="The request requires higher privileges than provided by the access token.", error_uri="https://tools.ietf.org/html/rfc6750#section-3.1"

Configure the required groups listing_admin and theater_admin in the Okta dashboard, and add the groups claim to the accessToken as detailed in the blog post.
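As an added example (not code from this repository), the following Spring Security Test integration test for the listings service reproduces the 403 insufficient_scope response above and the success case once the listing_admin group is present, without contacting Okta at all. The ListingAuthorizationTest class, the JSON request body and the exact authority name granted by the groups claim are assumptions.

```java
// Added example, not part of the indiepopart/spring-security-test repository.
// Assumes a Spring MVC resource server (the listings service) whose POST /listing
// endpoint requires the listing_admin group; the authority name is an assumption.
package com.example.listings;

import static org.hamcrest.Matchers.containsString;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.jwt;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;

import java.util.List;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.http.MediaType;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.test.web.servlet.MockMvc;

@SpringBootTest
@AutoConfigureMockMvc
class ListingAuthorizationTest {

    @Autowired
    MockMvc mockMvc;

    // A mocked JWT whose groups claim lacks listing_admin keeps only the default
    // SCOPE_read authority, so the resource server must answer 403 with the same
    // insufficient_scope challenge seen with a real Okta token.
    @Test
    void postListingWithoutGroupIsForbidden() throws Exception {
        mockMvc.perform(post("/listing")
                .with(jwt().jwt(token -> token.claim("groups", List.of("Everyone"))))
                .contentType(MediaType.APPLICATION_JSON)
                .content("{\"name\":\"test\"}"))
            .andExpect(status().isForbidden())
            .andExpect(header().string("WWW-Authenticate", containsString("insufficient_scope")));
    }

    // The same request with the listing_admin authority is accepted. The token is
    // mocked by Spring Security Test, so no issuer, JWKS or network access is needed.
    @Test
    void postListingWithListingAdminIsAllowed() throws Exception {
        mockMvc.perform(post("/listing")
                .with(jwt().authorities(new SimpleGrantedAuthority("listing_admin")))
                .contentType(MediaType.APPLICATION_JSON)
                .content("{\"name\":\"test\"}"))
            .andExpect(status().is2xxSuccessful());
    }
}
```

If the service maps the groups claim with a prefix (for example ROLE_ or GROUP_), the authority name in the second test must match that mapping.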
