Part 3 of multipart series where simple java spring mvc web app is secured by spring security framework. Authentication is also enabled by google and github social login oath2/oidc providers and users saved to relational database.
App is deployed to various cloud providers.

In part 3, we'll discuss oauth2 and oidc protocol, jwt token, register our web app as client with github (oauth2) and google (oidc) login providers. We'll create our own custom application user that encompasses information for all types of user our application can have

Railway.app:
https://tinyurl.com/railwaykanezi

Github repo:
https://github.com/kanezi/springsoci...

00:00 Start
00:38 add oauth2 client support
02:05 why was oauth2 created?
03:27 real world analogy for oauth2
04:40 oauth2 in web apps
08:03 openid protocol
09:29 jwt token
09:48 oauth2 vs openid
10:56 oauth2 flows
13:02 spring oauth2 properties
14:39 spring boot default oauth2 log in page
15:13 spring security configuration
17:34 keeping secrets in spring apps
19:28 github oauth2 client registration
20:40 google oidc client registration
24:14 adding .env file for secrets
25:34 localhost login via github and google
29:50 network oauth2 redirects
32:55 customize oauth2 user info endpoint
36:40 custom App user