Introduction

Nowadays we have scenarios which demand that applications interact with a large number of services and also provide services by themselves distributed as APIs throughout the network. Despite this, it's common to allow users of our applications to grant permissions to third-party applications, where OAuth 2.0 has proven to be a good option.

In this chapter, you will learn how to create, configure, and distribute an OAuth 2.0 Provider covering distinct scenarios using all the grant types described by the OAuth 2.0 specification, as well as how to use different access token management strategies through relational databases and Redis (a NoSQL database). All the recipes in this chapter will be implemented using Spring Security OAuth2, which at the time of writing this book, was at the 2.2.0.RELEASE version (check the official documentation for Spring Security OAuth2 at http://projects.spring.io/spring-security-oauth/docs/oauth2.html). It's important learning how to configure your own OAuth 2.0 Provider because of the large number of integrations being done among applications nowadays. Additionally, by reading this chapter, you will be able to apply all the OAuth 2.0 details from specifications practically through the usage of Spring Security OAuth2.