selcuksert / oauth-oidc-spa

A sample project on OAuth & OpenID Connect using Angular as SPA Client, SpringBoot as ResourceServer and Keycloak as IdP

oauth-oidc-spa

This repository hosts a sample project on the OAuth & OIDC Authorization Code Flow with PKCE. It comprises an Angular & Polymer based SPA (Single Page App) client, a Spring Boot based resource server, a Keycloak authorization server and an OpenLDAP based directory server.

This is a PoC for the LinkedIn blog post: Single Page Application Security with OAuth and OpenID Connect

Authorization Code Flow & PKCE

The project relies on the OAuth & OIDC Authorization Code Flow with PKCE, which is the recommended method for SPA clients instead of the implicit flow:

PKCE
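The PKCE step of the flow named above, shown as an added example that is not code from this repository: the client derives an S256 `code_challenge` from a random `code_verifier` (RFC 7636), and a simplified in-memory authorization server (the hypothetical `AuthServerModel`) only redeems a code when the matching verifier is presented. It uses Node.js built-in `crypto` so it runs offline; all function and class names are assumptions.

```javascript
// Added example: PKCE (RFC 7636) with the S256 method, client and server side.
// Names such as AuthServerModel are hypothetical, not taken from the project.
const { createHash, randomBytes, timingSafeEqual } = require("node:crypto");

// RFC 7636 section 4.1: 43-128 characters from the unreserved URL set.
const VERIFIER_RE = /^[A-Za-z0-9\-._~]{43,128}$/;

// Client side: code_challenge = BASE64URL(SHA256(ASCII(code_verifier))).
function s256Challenge(codeVerifier) {
  if (!VERIFIER_RE.test(codeVerifier)) throw new Error("invalid code_verifier");
  return createHash("sha256").update(codeVerifier, "ascii").digest("base64url");
}

// Client side: a fresh high-entropy verifier for every authorization request.
function createPkcePair() {
  const codeVerifier = randomBytes(32).toString("base64url"); // 43 characters
  return { codeVerifier, codeChallenge: s256Challenge(codeVerifier) };
}

// Simplified authorization server: binds each issued code to its challenge.
class AuthServerModel {
  constructor() {
    this.codes = new Map();
  }

  // Authorization endpoint: store the challenge that came with the request.
  authorize(codeChallenge, method) {
    if (method !== "S256") throw new Error("only S256 is accepted");
    const code = randomBytes(16).toString("hex");
    this.codes.set(code, codeChallenge);
    return code;
  }

  // Token endpoint: the code is single-use and needs the matching verifier.
  redeem(code, codeVerifier) {
    const expected = this.codes.get(code);
    this.codes.delete(code); // invalidate on first use, success or failure
    if (expected === undefined || !VERIFIER_RE.test(codeVerifier || "")) return false;
    const a = Buffer.from(s256Challenge(codeVerifier));
    const b = Buffer.from(expected);
    return a.length === b.length && timingSafeEqual(a, b);
  }
}
```

A code that leaks from the redirect is not redeemable without the verifier, which never leaves the client until the token request.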

The libraries/solutions in place are in the Certified OpenID Connect Implementations list:

The basic project architecture is as follows (in the ArchiMate standard):

Architecture

About

License: MIT License


Languages

TypeScript 50.4%, HTML 27.8%, Java 13.1%, CSS 5.8%, JavaScript 2.9%