Implementing Your Own OAuth 2.0 Provider

In this chapter, we will cover the following recipes:

• Protecting resources using the Authorization Code grant type
• Supporting the Implicit grant type
• Using the Resource Owner Password Credentials grant type as an approach for OAuth 2.0 migration
• Configuring Client Credentials grant type
• Adding support for refresh tokens
• Using a relational database to store tokens and client details
• Using Redis as a token store
• Implementing client registration
• Breaking the OAuth 2.0 Provider in the middle
• Using Gatling to load test the token validation process using shared databases