Section 1 : Introduction
|
Lecture 1 | INTRODUCTION TO BRAINMEASURES PROCTOR SYSTEM | |
|
Lecture 2 | INTRODUCTION TO BRAINMEASURES PROCTOR SYSTEM | |
|
Lecture 3 | Introduction | 00:03:57 Duration |
|
Lecture 4 | Introduction to OAuth 2 | 00:07:20 Duration |
|
Lecture 5 | OAuth 2 | 00:03:17 Duration |
|
Lecture 6 | Current State of OAuth 2 | 00:04:18 Duration |
|
Lecture 7 | OAuth 2 | 00:05:01 Duration |
|
Lecture 8 | OAuth Access Token | 00:07:45 Duration |
|
Lecture 9 | OAuth2 and OpenID Connect (OIDC) | 00:03:40 Duration |
Section 2 : OAuth 2 Grant Types and Authorization Flows
|
Lecture 1 | Introduction | 00:04:26 Duration |
|
Lecture 2 | Authorization Code | 00:09:45 Duration |
|
Lecture 3 | Authorization Code Demo | 00:07:37 Duration |
|
Lecture 4 | Authorization Code Demo | 00:04:21 Duration |
|
Lecture 5 | PKCE-enhanced Authorization Code | 00:05:37 Duration |
|
Lecture 6 | Generating PKCE Code Verifier | 00:01:14 Duration |
|
Lecture 7 | Generating PKCE Code Challenge | 00:01:29 Duration |
|
Lecture 8 | PKCE Demo | 00:07:20 Duration |
|
Lecture 9 | PKCE Demo | 00:04:44 Duration |
|
Lecture 10 | Client Credentials | 00:01:42 Duration |
|
Lecture 11 | Client Credentials Grant Type Demo | 00:02:38 Duration |
|
Lecture 12 | The Password Credentials Flow | 00:02:13 Duration |
|
Lecture 13 | The Password Credentials Flow Demo | 00:03:01 Duration |
Section 3 : Refreshing Access Token
|
Lecture 1 | Introduction | 00:05:05 Duration |
|
Lecture 2 | Requesting Refresh Token that never expires | 00:02:25 Duration |
|
Lecture 3 | Refreshing Access Token | 00:03:13 Duration |
Section 4 : Keyclock
|
Lecture 1 | Introduction | 00:04:07 Duration |
|
Lecture 2 | Starting up Standalone Authorization Server Keyclock | 00:02:03 Duration |
|
Lecture 3 | Starting and Stopping Keycloak Server | 00:03:40 Duration |
|
Lecture 4 | Creating an Initial Admin User | 00:01:21 Duration |
|
Lecture 5 | Creating a new Realm | 00:03:03 Duration |
|
Lecture 6 | Creating a new user | 00:02:55 Duration |
|
Lecture 7 | Creating a new OAuth client application | 00:04:53 Duration |
|
Lecture 8 | Configuring Client Application Secrets | 00:01:05 Duration |
|
Lecture 9 | Requesting Access Token and Refresh Token | 00:03:55 Duration |
|
Lecture 10 | EnableDisable OAuth 2 | 00:02:15 Duration |
|
Lecture 11 | OAuth 2 | 00:04:55 Duration |
Section 5 : OAuth Resource Server
|
Lecture 1 | Introduction | 00:03:00 Duration |
|
Lecture 2 | Creating a new project | 00:04:05 Duration |
|
Lecture 3 | Import project into Spring Tool Suite IDE | 00:00:56 Duration |
|
Lecture 4 | Starting Resource Server on different port number | 00:01:35 Duration |
|
Lecture 5 | Creating a Rest Controller Class | 00:04:49 Duration |
|
Lecture 6 | Access Token Validation URIs | 00:02:57 Duration |
|
Lecture 7 | Accessing endpoints with an Access Token | 00:03:53 Duration |
|
Lecture 8 | Accessing Principal and JWT Claims | 00:04:17 Duration |
|
Lecture 9 | Demo - Accessing JWT Claims | 00:03:38 Duration |
Section 6 : Resource Server - Scope Based Access Control
|
Lecture 1 | Introduction | 00:09:14 Duration |
|
Lecture 2 | Create WebSecurityConfigurerAdapter and enable Web Security | 00:01:58 Duration |
|
Lecture 3 | Override the default HttpSecurity configuration | 00:02:45 Duration |
|
Lecture 4 | Configure Scope-based access control | 00:02:24 Duration |
|
Lecture 5 | Demo - without using proper Scope | 00:03:13 Duration |
|
Lecture 6 | Demo - using proper Scope | 00:01:05 Duration |
|
Lecture 7 | INTRODUCTION TO BRAINMEASURES PROCTOR SYSTEM |
Section 7 : Role Based Access Control with Keycloak
|
Lecture 1 | Introduction | 00:05:34 Duration |
|
Lecture 2 | Source code | |
|
Lecture 3 | Creating User Role | 00:01:15 Duration |
|
Lecture 4 | Securing Endpoints to a Specific Role | 00:02:21 Duration |
|
Lecture 5 | Creating Role Converter class | 00:02:08 Duration |
|
Lecture 6 | Decoding JWT to find user roles | 00:02:11 Duration |
|
Lecture 7 | Converting Roles into GrantedAuthority objects | 00:01:31 Duration |
|
Lecture 8 | Register JwtAuthenticationConverter with HttpSecurity | 00:01:07 Duration |
|
Lecture 9 | Trying how it works |
Section 8 : Resource Server Method Level Security
|
Lecture 1 | Introduction | 00:04:55 Duration |
|
Lecture 2 | Source code | |
|
Lecture 3 | Enable Method Level Security | 00:02:19 Duration |
|
Lecture 4 | @Secured annotation example | 00:05:54 Duration |
|
Lecture 5 | @PreAuthorized annotation | 00:04:00 Duration |
|
Lecture 6 | Reading UserId from JWT Access Token | 00:05:39 Duration |
|
Lecture 7 | Trying how the @PreAuthorized annotation works | 00:03:00 Duration |
|
Lecture 8 | Creating getUser() to be used with @PostAuthorize | 00:03:31 Duration |
|
Lecture 9 | @PostAuthorized annotation | 00:03:08 Duration |
|
Lecture 10 | Trying how to the @PostAuthorized annotation works | 00:04:06 Duration |
Section 9 : Resource Server Behind API Gateway
|
Lecture 1 | Introduction | 00:06:01 Duration |
|
Lecture 2 | Creating API Gateway Project | |
|
Lecture 3 | Import API Gateway to Spring Tool Suite | 00:00:37 Duration |
|
Lecture 4 | Configuring API Gateway Routes | 00:06:26 Duration |
|
Lecture 5 | Trying how it works | 00:03:46 Duration |
|
Lecture 6 | Albums & Photos Resource Servers | 00:03:44 Duration |
|
Lecture 7 | Routing to multiple Resource Servers | 00:03:04 Duration |
|
Lecture 8 | Trying how it works | 00:04:09 Duration |
Section 10 : Eureka Discovery Service
|
Lecture 1 | Introduction | 00:04:40 Duration |
|
Lecture 2 | Creating Eureka Discovery Service Project | 00:03:20 Duration |
|
Lecture 3 | Configuring Eureka project | 00:03:50 Duration |
Section 11 : Configure Resource Server as Eureka Client
|
Lecture 1 | Eureka Client Dependency | 00:04:13 Duration |
|
Lecture 2 | @EnableDiscoveryClient and configuration properties | 00:02:45 Duration |
|
Lecture 3 | Trying how it works | 00:00:50 Duration |
|
Lecture 4 | Exercise | 00:01:10 Duration |
|
Lecture 5 | Source Code | |
|
Lecture 6 | Solution overview | 00:04:46 Duration |
Section 12 : Load Balancing
|
Lecture 1 | Load Balancing - Introduction | 00:02:08 Duration |
|
Lecture 2 | Starting Resource Servers on Random IP Address | 00:04:12 Duration |
|
Lecture 3 | Eureka and Resource Server Instance Id | 00:07:00 Duration |
|
Lecture 4 | Configuring API Gateway as Eureka Client | 00:04:37 Duration |
|
Lecture 5 | Configure API Gateway Routes | 00:03:24 Duration |
|
Lecture 6 | Return the running port number | 00:02:17 Duration |
|
Lecture 7 | Trying how it works | 00:03:47 Duration |
Section 13 : OAuth 2
|
Lecture 1 | OAuth 2 | 00:01:42 Duration |
|
Lecture 2 | Source code | |
|
Lecture 3 | Creating a new Spring Boot Project | |
|
Lecture 4 | Creating Controller class | 00:04:12 Duration |
|
Lecture 5 | Returning list of albums | 00:04:54 Duration |
|
Lecture 6 | Displaying Albums in HTML Page | 00:04:21 Duration |
|
Lecture 7 | Adding OAuth2 Client Dependency | 00:01:20 Duration |
|
Lecture 8 | Configuring OAuth2 Client properties | 00:05:30 Duration |
|
Lecture 9 | Configuring OAuth2 Provider properties | 00:02:39 Duration |
|
Lecture 10 | Reading ID Token | 00:06:26 Duration |
|
Lecture 11 | Reading JWT Access Token | 00:06:12 Duration |
|
Lecture 12 | HTTP Request to an Internal Resource Server | 00:07:39 Duration |
|
Lecture 13 | Trying how it works | 00:02:09 Duration |
|
Lecture 14 | A different approach to adding access token | 00:01:27 Duration |
|
Lecture 15 | Adding WebClient Dependency | 00:01:15 Duration |
|
Lecture 16 | Creating a WebClient Bean | |
|
Lecture 17 | Using WebClient in a Controller class | 00:02:40 Duration |
|
Lecture 18 | Trying how it works | 00:01:41 Duration |