The goal is to implement the same application using different technologies to show you how you can fetch OAuth2 proctected resources.

![oauth2-client-play-todolist] (https://github.com/tcompiegne/oauth2-client-samples/raw/master/site/oauth2_client_homepage.png)

1 . First of all checkout my other projects to retrieve and run the OAuth2 Authorization Server :

- git clone https://github.com/tcompiegne/oauth2-server.git
- cd oauth2-server
- mvn jetty:run (listen on port 8080)

and the OAuth2 resource server :

- git clone https://github.com/tcompiegne/oauth2-resource-server-samples
- cd oauth2-resource-server-samples/playframework-todolist
- activator "~run 9001"

The resource server require the installation of the play framework :

https://www.playframework.com/ (current version : 2.3.8)

2 . Build and run the OAuth2 client

Choose a specific project and follow the instructions in README file to get ready.

To access your OAuth 2 protected Todo List, you must singin with the account defined into the Authorization Server :

  <!-- Default authentication manager (Tests only) -->
	<sec:authentication-manager>
		<sec:authentication-provider>
			<sec:user-service>
				<sec:user name="userTest" password="userTest" authorities="ROLE_USER" />
			</sec:user-service>
		</sec:authentication-provider>
    </sec:authentication-manager>

To do so, we will use the Authorization Code Grant Flow :

![oauth2-auth-code-flow] (https://github.com/tcompiegne/oauth2-client-samples/raw/master/site/auth_code_flow.png)

When you click on the "Sign in" button you can see that you are redirected to the Authorization Server Login page (see the url change) :

![login-page] (https://github.com/tcompiegne/oauth2-client-samples/raw/master/site/login_page.png)

After the login process, you are redirected back to the client application and you can see that "My Todos" link shows up as a profile button with the logout action.

![user-page] (https://github.com/tcompiegne/oauth2-client-samples/raw/master/site/user_page.png)

The "My Todos" page retrieve your todos from the Resource Server and allow you to do the basic CRUD actions thanks to the access_token retrieve after logged in to the authorization server :

![user-todo-list] (https://github.com/tcompiegne/oauth2-client-samples/raw/master/site/user_todo_list.png)

You can replace the authentication-manager with your own authentication manager like LDAP, Database, WebServices, etc ... and replace the token store with for example the couchbase token store and create an administration web site to manage your OAuth apps client to get ready for production environments.

Enjoy !