= jwt (JSON Web Token) =
JSON Web Token
 * https://tools.ietf.org/html/rfc7519
 * https://en.wikipedia.org/wiki/JSON_Web_Token
 * https://jwt.io/
 * https://www.devglan.com/spring-security/spring-boot-jwt-auth
 * https://www.baeldung.com/spring-security-oauth-jwt
 * https://www.tutorialspoint.com/spring_boot/spring_boot_oauth2_with_jwt.htm

== Overview ==
In authentication, when the user successfully logs in using their credentials, a JSON Web Token is returned and must be saved locally (typically in local or session storage, but cookies can also be used), instead of the traditional approach of creating a session on the server and returning a cookie.

The tokens are designed to be compact, URL-safe, and usable especially in a '''web-browser single-sign-on (SSO) context'''. JWT claims are typically used to pass the identity of authenticated users between an identity provider and a service provider, or any other type of claims as required by business processes.

This is a stateless authentication mechanism, as the user state is never saved in server memory. The server's protected routes check for a valid JWT in the '''Authorization header''', and if it is present, the user is allowed to access protected resources. As JWTs are self-contained, all the necessary information is there, reducing the need to query the database multiple times.

== Adapted Tutorialspoint Spring Boot + JWT example ==
 * https://www.tutorialspoint.com/spring_boot/spring_boot_oauth2_with_jwt.htm

=== Structure ===
{{{
.
├── build_image.sh
├── connect_container.sh
├── Dockerfile
├── get_token.sh
├── jwt.pem
├── pom.xml
├── run_container.sh
├── src
│   └── main
│       ├── java
│       │   └── com
│       │       └── tutorialspoint
│       │           └── websecurityapp
│       │               ├── CustomDetailsService.java
│       │               ├── CustomUser.java
│       │               ├── OAuth2Config.java
│       │               ├── OAuthDao.java
│       │               ├── SecurityConfiguration.java
│       │               ├── UserEntity.java
│       │               └── WebsecurityappApplication.java
│       └── resources
│           ├── application.properties
│           ├── data.sql
│           └── schema.sql
└── stop_container.sh
}}}
 * mkdir -p src/main/java/com/tutorialspoint/websecurityapp/
 * mkdir src/main/resources/
 * openssl genrsa -out jwt.pem 2048 # generate private key

=== run_container.sh ===
{{{
}}}

=== Dockerfile ===
{{{
}}}

=== src/main/java/com/tutorialspoint/websecurityapp/SecurityConfiguration.java ===
{{{
}}}

=== src/main/java/com/tutorialspoint/websecurityapp/OAuth2Config.java ===
{{{
}}}

=== src/main/java/com/tutorialspoint/websecurityapp/CustomUser.java ===
{{{
}}}

=== src/main/java/com/tutorialspoint/websecurityapp/UserEntity.java ===
{{{
}}}

=== src/main/java/com/tutorialspoint/websecurityapp/WebsecurityappApplication.java ===
{{{
}}}

=== src/main/java/com/tutorialspoint/websecurityapp/CustomDetailsService.java ===
{{{
}}}

=== src/main/java/com/tutorialspoint/websecurityapp/OAuthDao.java ===
{{{
}}}

=== src/main/resources/schema.sql ===
{{{
}}}

=== src/main/resources/application.properties ===
{{{
}}}

=== src/main/resources/data.sql ===
{{{
}}}

=== build_image.sh ===
{{{
}}}

=== pom.xml ===
{{{
}}}

=== get_token.sh ===
{{{
}}}

=== connect_container.sh ===
{{{
}}}

=== stop_container.sh ===
{{{
}}}