Set up OAuth 2 Resource Server protection
Summary
Set up OAuth 2 Resource Server protection using Spring Security for your API
Tasks
Tasks from the milestone description:
- Set up OAuth 2 Resource Server protection using Spring Security for your API;
- Reuse the client_id and client_secret for both the client and resource servers, and the test_* scopes from the seminar about security. You may use the client from the seminar just to get an access token, no need to implement the UI;
- Use different scopes for different methods where it makes sense;
- Use at least two different scopes;
- The client is registered for the following redirect URLs:
http://localhost:8080/login/oauth2/code/muni
,http://localhost:8081/login/oauth2/code/muni
,http://localhost:8082/login/oauth2/code/muni
,http://localhost:8083/login/oauth2/code/muni
,http://localhost:8084/login/oauth2/code/muni
,http://localhost:8090/swagger-ui/oauth2-redirect.html