GitHub - pavlo-kravchenko/google-oauth2-jwt-secure-api: Demonstrates how to write secure Web Applications using Google Oauth2 on client side and securing protected resources with JWT based token

Securing backend APIs when developing Client side web applications

Blog link

How to run

clone the repository

git clone [email protected]:hhimanshu/google-oauth2-jwt-secure-api.git

compile, test, create package

mvn clean package

start the server

mvn spring-boot:run

Go to http://localhost:8080
Sign In with Google
Open Developer Tools and after login you your see an object structure under path current user > Ab > Zi
locate id_token and copy the value

Authenticate with your application APIs

curl -v -X POST -H "Content-Type: application/json" -H "X-ID-TOKEN: <place your id_token here>" -d'{}' http://localhost:8080/login

If the requests succeeds, you would see token coming from your app in Authorization header similar to following

Authorization: Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJteVVuaXF1ZVVzZXIiLCJleHAiOjE0OTUwMDA3NjV9.B4Ax_BIkrW044rwVnN-qvLcT9r0JzP4VCECjExp3yTFqv4STNmEiG4LNBHU-BXjAOSgt9xuLV7LhVXPKLYApbQ

You can now use this token to further communicate the server.

Name		Name	Last commit message	Last commit date
Latest commit History 19 Commits
src		src
.gitignore		.gitignore
.travis.yml		.travis.yml
LICENSE		LICENSE
README.md		README.md
mvnw		mvnw
mvnw.cmd		mvnw.cmd
pom.xml		pom.xml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Securing backend APIs when developing Client side web applications

Blog link

How to run

About

Releases

Packages

Languages

License

pavlo-kravchenko/google-oauth2-jwt-secure-api

Folders and files

Latest commit

History

Repository files navigation

Securing backend APIs when developing Client side web applications

Blog link

How to run

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages