Microservices with Spring Boot, Oauth2 Authorization, Identity Provider, Service Discovery and Docker Containers

elevysi · 05 April 2019 |

Setting an authentication server of its own is much more adopted as a common solution for a service oriented architecture. Since the monolithic application is losing grasp in favor of a microservices architecture, and security being a core part of almost every application, the need to separate its logic in its own application has almost flowed naturally and a separate implementation is nowadays common to many application developers.

In this series of posts, we are going to explore how we can implement a security service that other services can call for their authentication and authorization. We will start by setting a basic application up using Spring Boot, one that will be calling another service dedicated to authorization and authentication. The latter will be using Oauth2 to act as an authorization server; we will dive further by making it an identity provider, by building an authentication process on top of the authorization offered by Oauth2. We will see how we can power our application by using social identity providers such as Facebook and Gmail.
Although the main aspect being addressed here will be web security, we will be exploring, at the same time, some components of a service oriented cloud environment such as data exchange formats (throug data transfer objects - DTOs), a service discovery (using Netflix Eureka) and taking advantage of the latter by using Netflix Feign interfaces for data exchange. We will end by addressing the deployment of the created services through containers namely docker and multi-container deployments with the docker-compose tool.

Ultimately, we want to produce an architecture similar to the one of this web site, which from a business perspective, has five services (as explained in Let's model the business model post):

Below is the list of books that have helped in producing this series:

The source code of this series will be made available on github.
Please have a look at the posts included within series below.