This is a simple REST service built using Spring Boot, Spring MVC, and Spring Security OAuth that provides a single RESTful endpoint protected by OAuth2. The REST service is based on the Building a RESTful Web Service getting started guide. This project is built using a preview version of Java-based configuration support, available in Spring Security OAuth 2.0. Please log any issues or feature requests to the Spring Security OAuth project.
Use Gradle:
./gradlew clean build bootRunOr use Maven:
mvn clean package spring-boot:runTest the greeting endpoint:
curl http://localhost:8080/greeting
You receive the following JSON response, which indicates you are not authorized to access the resource:
{"error":"unauthorized","error_description":"An Authentication object was not found in the SecurityContext"}
In order to access the protected resource, you must first request an access token via the OAuth handshake. Request OAuth authorization:
curl -X POST -vu clientapp:123456 http://localhost:8080/oauth/token -H "Accept: application/json" -d "password=spring&username=roy&grant_type=password&scope=read%20write&client_secret=123456&client_id=clientapp"A successful authorization results in the following JSON response:
{"access_token":"ff16372e-38a7-4e29-88c2-1fb92897f558","token_type":"bearer","expires_in":43199,"scope":"read write"}Use the access_token returned in the previous request to make the authorized request to the protected endpoint:
curl http://localhost:8080/greeting -H "Authorization: Bearer ff16372e-38a7-4e29-88c2-1fb92897f558"If the request is successful, you will see the following JSON response:
{"id":1,"content":"Hello, World!"}The service is deployed to Cloud Foundry and available for testing. Modify the previous commands to point to the following URL:
curl http://rclarkson-restoauth.cfapps.io/greeting