Introduction - luchob/oauth2-passwordgrant-example GitHub Wiki
This Gradle multi-project demonstrates a minimal REST API whose access is controlled with the OAuth 2.0 password grant. That grant is useful when the client itself collects the resource owner's username and password and requests resources (books in this sample) on the owner's behalf. The project consists of two independent Spring Boot services that communicate over HTTP:
- An authorization service (AS): it issues and verifies the tokens for users that attempt to access a REST resource, and it stores each end user's permissions. User data currently lives in an H2 database, which can easily be swapped for PostgreSQL, MySQL or another relational database. Token storage is in-memory.
- A resource service (RS): it serves the protected REST resources (books). Getting and creating books require different permissions.
In the current setup the client (e.g. a REST client such as Postman, or your own fancy AngularJS client) requests its token from the AS and then presents that token to the RS. If the token carries the required permissions, access to the resource is granted; otherwise it is denied.
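The flow above, modelled in-process in Python as an added example (not code from this project, which is Spring Boot talking over HTTP): the AS answers a password-grant token request and introspects tokens from an in-memory store, and the RS maps each book operation to a scope. The scope names (`books:read`, `books:write`), the sample users and the PBKDF2 password store are assumptions of this example, not the project's.

```python
import hashlib, hmac, secrets, time
def make_user(password, scopes):                    # constructed sample record: (salt, hash, granted scopes)
    salt = secrets.token_bytes(16)
    return (salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000), tuple(scopes))

class AuthorizationService:                         # the AS: password grant + in-memory token store
    def __init__(self, users, ttl=3600):
        self.users, self.tokens, self.ttl = users, {}, ttl   # tokens: token -> (user, scopes, expiry)
    def token(self, grant_type, username, password):
        if grant_type != "password":
            return {"error": "unsupported_grant_type"}
        rec = self.users.get(username)
        # Hash and compare even for unknown users so response time does not reveal valid usernames.
        salt, digest, scopes = rec or (b"\0" * 16, b"\0" * 32, ())
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
        if rec is None or not hmac.compare_digest(candidate, digest):
            return {"error": "invalid_grant"}        # RFC 6749 error code for a bad user/password
        tok = secrets.token_urlsafe(32)              # opaque, unguessable token
        self.tokens[tok] = (username, set(scopes), time.time() + self.ttl)
        return {"access_token": tok, "token_type": "bearer", "expires_in": self.ttl, "scope": " ".join(scopes)}
    def introspect(self, tok):                       # what the RS asks the AS over HTTP
        entry = self.tokens.get(tok)
        if entry is None or entry[2] < time.time():
            self.tokens.pop(tok, None)               # forget expired tokens
            return {"active": False}
        return {"active": True, "username": entry[0], "scope": entry[1]}

class ResourceService:                              # the RS: books, a different scope per operation
    def __init__(self, auth):
        self.auth, self.books = auth, ["Dune"]
    def _authorize(self, authorization_header, needed_scope):
        scheme, _, tok = (authorization_header or "").partition(" ")
        if scheme.lower() != "bearer" or not tok:
            return 401                               # no usable bearer token
        info = self.auth.introspect(tok)
        if not info["active"]:
            return 401                               # unknown or expired token
        return 200 if needed_scope in info["scope"] else 403   # valid token, missing permission
    def get_books(self, authorization_header):
        status = self._authorize(authorization_header, "books:read")
        return status, (list(self.books) if status == 200 else None)
    def create_book(self, authorization_header, title):
        status = self._authorize(authorization_header, "books:write")
        if status == 200:
            self.books.append(title)
        return status, (title if status == 200 else None)

USERS = {"reader": make_user("reader-pw", ["books:read"]),           # constructed sample users
         "editor": make_user("editor-pw", ["books:read", "books:write"])}
```

Because the client sees the raw password, this grant only makes sense for first-party clients the AS already trusts; current OAuth guidance steers other clients to the authorization code flow.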