Learn Spring Security OAuth

The definitive guide to secure your application with OAuth2

Why Learn Spring Security?

What makes Spring so popular?

The Java ecosystem is vast and quite mature, but when it comes to security, right now, in 2020, there's really no debate. If you're working on the security of your application, you're most likely using Spring Security. 

Simply put, the framework is able to handle everything you throw at it - from simple scenarios to highly complex, distributed security requirements. There are some OK alternatives, but nothing really comes close. 

Should I do OAuth?

Learn Spring through video, with an actual project

There's a lot of confusion out there around what OAuth actually is. 

So, before all the "deep-dives" into the advanced aspects of the standard - we're starting with the very basics, and we're building up a clear understanding of the protocol. 

It's critical to learn where OAuth fits well and is great solution, and in which scenarios you actually need to avoid it. 

And, once you know you're doing OAuth - you need to understand exactly how it works - to do it well. This is where this material gets interesting - the deep-dives.

After teaching more than 1900 students security through my "Learn Spring Security" course, 
I'm finally taking the OAuth material to the next level with this new, fully dedicated course!

The New OAuth2 Stack in Spring Security 5

Learn Spring, step by step

About two years ago, the Spring Security core team did something unexpected - they announced they were going to do a full rewrite of the OAuth2 support in the framework. 

This was big news! 

It was also the very first time a core Spring project has made such a bold commitment towards a ground-up, major rewrite in the framework. 

The new OAuth2 stack is now moving fast with the Spring Security 5.2 release now out and with 5.3 on the horizon - and the new functionality is already significantly better than the old stack. 

That's what I'm focusing on in this new course, with the 3 classes below:

The Master Class

This is the full material - the comprehensive, start-to-finish path from just learning what OAuth is - to having a real-world, solid understanding of how to use it in practice. 

The 7 in-depth modules focus on the new OAuth2 stack in Spring Security 5 with Spring 5 and Boot 2, today, in 2020, not looking back at the XML days of Spring Security.

The Certification Class

This class is simple - it contains the full material from the Master Class, plus downloads, extensive exercises and multiple-choice questions - to help you get the most out of the material.

When you're done, you're going to get a "Certificate of Completion" for the course. 

The Coaching Class

This is where we go beyond the course material, with a year-long group Coaching Program - where I'll take a small group of students through both the course but also their own specific implementations.

Past sessions and workshops are, of course, recorded and available. 

Video, along with actual coding practice through a real-world project - is the best way to learn a complex framework like Spring Security 5

Practice by Coding

Learn by Coding

Each lesson in the course is either code-focused on a specific OAuth scenario, or theoretical, introducing you to the core concepts. Like all of my courses, the approach is "learn by doing" - or, more specifically, by coding. 

I've structured the material to show you how to secure very different types of applications, each with their own caractheristics, where a specific flow that fits and others that don't. 

I'm Eugen, and I'll be your instructor through this course.

I've been using OAuth extensively in my own consulting practice for many years now. I've helped teams implement (most commonly re-implement) security in their systems over a ridiculous number of Spring versions. And I've been teaching security throughout most of that time.

The lessons here come out of that experience, with a simple goal - to get you super comfortable with OAuth2, Spring Security 5 and Spring Boot 2. 

To be clear - you can't get there by just watching videos - you'll need to code, along with me, through the material. The videos and the extensive excercises are your reference to come back to - whenever you need them.

This course, as I'm sure you're aware - is primarily focused on OAuth. 

Naturally, if you're doing OAuth in your own application, you'll get a lot out of the material here. 

But, if you're focusing on the full Spring Security 5 framework, beyond just OAuth, keep in mind this course is half of the full "Learn Spring Security" course

The Master Class

The Master Class

The canonical reference for securing a web application with Spring Security and OAuth2.

The 7 modules cover everything from the basics of the OAuth2 flows to a full deep-dive into OpenID, JWT, Spring Boot support. 

And, most importantly, the material is focused on the entirely new OAuth2 stack the Spring Security team has been working on since late 2017 now. 

Simply put, every possible corner of an OAuth2 implementation with Spring Security 5. 

Due Date: end of April 2020

Get access for $247 →

1. Intro to OAuth2 and the OAuth2 Roles

4 VIDEO LESSONS 

  1. Intro to OAuth2 and the OAuth2 Roles (theory)
  2. Picking the Right OAuth Grant Type/Flow to Use (theory)
  3. The State of OAuth2 in Spring Security 5 (theory)
  4. Setting up the Project

2. OAuth2 with the Legacy OAuth2 Stack in Spring Security

5 VIDEO LESSONS

  1. Setup OAuth2 with Spring Security
  2. Tokens and JWT (theory)
  3. Tokens, OAuth2 and JWT
  4. The OAuth2 Implicit Flow and the Authorization Code Flow (theory)
  5. Using the Authorization Code Flow in OAuth2

3. The Basics of OAuth2 (New Stack)

4 VIDEO LESSONS

  1. The New OAuth2 Client Support
  2. The Authorization Server with Keycloak
  3. The New Resource Server Support
  4. Tokens, JWT and the New Stack

4. OAuth2 Beyond the Basics - The Resource Server (New Stack)

3 VIDEO LESSONS

  1. Basic Authorization with OAuth2
  2. Verify/Validate Claims from the JWT
  3. OAuth2 Spring Data Integration

​5. ​OAuth2 Beyond the Basics - The Client (New Stack)

5 VIDEO LESSONS

  1. New OAuth2 Social Login
  2. OAuth2 Client with Third-Party Authorization Server
  3. The Resource Owner Password Flow (theory)
  4. Client Support for the Password Flow
  5. Refreshing a Token

​6. ​​OAuth2 Beyond the Basics - Deep-Dives (New Stack)

5 VIDEO LESSONS

  1. OAuth2 and SPAs
  2. Exploring JWS with OAuth2
  3. Testing OAuth2 with REST-assured
  4. OAuth2 and OpenID
  5. Confidential Clients and the Client Credentials Flow

7. Microservices, Spring Security and OAuth2 (New Stack)

WORKSHOP

  1. OAuth Security Patterns in a Microservice Application

The Certification Class

The Certification Class

This Class contains the same material as the Master Class, but goes beyond the core material with:

  • extensive exercises in each lesson to make sure the material stuck
  • ​a Certificate of Completion (example)
  • the download ability for all video lessons - to help you learn offline

Of course, if you have any questions about the material, ping me directly here, on chat, or over email. 

Due Date: end of April 2020

Get access for $347 →

Instance 1

​Master Class

The canonical reference to doing OAuth2 properly with Spring Security

All 7 Modules

27 Video Lessons

Get Access → $247


Due Date: end of April 2020

Certification Class

This Class includes the Master Class material, exercises, downloads and the Certificate of Completion

All 7 Modules

27 Video Lessons

+ Exercises in Each Lesson

+ Full Downloads for All Videos

Get Access → $347

Due Date: end of April 2020

Coaching Class

This Class includes the Certification Class, 3 Workshops and 12 Group Coaching Calls

All 7 Modules

27 Video Lessons

+ Exercises in Each Lesson

+ Full Downloads for All Videos

All 3 Live Workshops (2+ hour events)

12 Group Coaching Calls

Get Access → $547

Due Date: end of April 2020

If you're looking to get both this course as well as Learn Spring Security Core,

Have a look at the full Learn Spring Security Course →

Do you have a team who would benefit from taking the course?

Here are our team licenses →

30-Day Money Back Guarantee

30-Day Money Back Guarantee

I believe strongly in the quality of the course material to teach you the fundamentals of coding in Spring. I've put a lot of work and care into these lessons and hope you're going to use it fully and up your Spring game. 

I confidently back all classes with a 30-Day Money Back Guarantee. I want you to dive in deep and experience the full wealth of this resource without hesitation. 

If the material isn't a good fit, just contact me within 30 days of purchase, and ask for a full refund for any single course package.

The most common questions, answered -->

Support and Privacy

ACCOUNT LOGIN

PRIVACY POLICY

TERMS OF SERVICE

The Learn Spring Course

PRICING

MASTER CLASS

CERTIFICATION CLASS

FAQ

Free Sample Lessons (LSS Core)

URL AUTHORIZATION

A SIMPLE REMEMBER ME FLOW

REMEMBER ME WITH PERSISTENCE

A CUSTOM AccessDecisionVoter

A SIMPLE TWO-FACTOR IMPLEMENTATION WITH A SOFT TOKEN