Habr<p>Красиво инжектим JwtAuthenticationToken в Spring Boot юнит тесты</p><p>Как часто вам приходится тестировать аутентификацию в ваших юнит тестах Spring Boot приложений? Мне довольно часто. И сейчас расскажу о своем кейсе, где я сделал эту работу удобней.</p><p><a href="https://habr.com/ru/articles/931476/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">habr.com/ru/articles/931476/</span><span class="invisible"></span></a></p><p><a href="https://zhub.link/tags/spring_framework" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>spring_framework</span></a> <a href="https://zhub.link/tags/spring_boot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>spring_boot</span></a> <a href="https://zhub.link/tags/spring_security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>spring_security</span></a> <a href="https://zhub.link/tags/oauth2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oauth2</span></a> <a href="https://zhub.link/tags/junit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>junit</span></a></p>
mastodon.world is one of the many independent Mastodon servers you can use to participate in the fediverse.
Generic Mastodon server for anyone to use.
Administered by:
Server stats:
8.1Kactive users
mastodon.world: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.0
#OAuth2
2 posts · 2 participants · 0 posts today
Tao of Mac<p>Open ID Connect</p><p>OpenID Connect (OIDC) is an authentication protocol built on top of the OAuth 2.0 framework. It allows clients to verify the identity of end-users based on the authentication perfo(...)</p><p><a href="https://mastodon.social/tags/authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authentication</span></a> <a href="https://mastodon.social/tags/identitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>identitymanagement</span></a> <a href="https://mastodon.social/tags/oauth2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oauth2</span></a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://mastodon.social/tags/sso" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sso</span></a></p><p><a href="https://taoofmac.com/space/protocols/oidc" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">taoofmac.com/space/protocols/o</span><span class="invisible">idc</span></a></p>
Axel Nennker<p>IETF123 is fast approaching <br><a href="https://mastodon.social/tags/oauth2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oauth2</span></a> <a href="https://mastodon.social/tags/openid" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>openid</span></a> <span class="h-card" translate="no"><a href="https://mastodon.online/@ietf" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ietf</span></a></span></p>
credativ GmbH<p>Mit PostgreSQL 18 wurde eine spannende neue Funktion eingeführt: Native Unterstützung für OAuth2. Wie funktioniert das jetzt nun?</p><p>Mehr Informationen findet ihr unter:<br><a href="https://www.credativ.de/blog/credativ-inside/postgresql-18-trifft-oauth2-so-funktioniert-die-native-unterstuetzung-mit-keycloak/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">credativ.de/blog/credativ-insi</span><span class="invisible">de/postgresql-18-trifft-oauth2-so-funktioniert-die-native-unterstuetzung-mit-keycloak/</span></a></p><p><a href="https://mastodon.social/tags/credativ" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>credativ</span></a> <a href="https://mastodon.social/tags/postgresql" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>postgresql</span></a> <a href="https://mastodon.social/tags/keycloak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keycloak</span></a> <a href="https://mastodon.social/tags/oauth2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oauth2</span></a> <a href="https://mastodon.social/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a></p>
Kyler Middleton<p>The next article in the Vera Teams series is now out! PHEW</p><p>This one covers all the magic I'm doing to make a stateless app (lambda) stateful using dynamoDB, and how Entra works to get an auth_code from the IdP, and exchange it for a token. Lots of cool Entra things there, as well as stateless architecture. </p><p>It's REAL cool, check it out: <a href="https://www.letsdodevops.com/p/teamsai-4" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">letsdodevops.com/p/teamsai-4</span><span class="invisible"></span></a> </p><p><a href="https://infosec.exchange/tags/LetsDoDevOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LetsDoDevOps</span></a> <a href="https://infosec.exchange/tags/Lambda" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Lambda</span></a> <a href="https://infosec.exchange/tags/AIEngineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AIEngineering</span></a> <a href="https://infosec.exchange/tags/EntraIdP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EntraIdP</span></a> <a href="https://infosec.exchange/tags/OAuth2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OAuth2</span></a></p>
|7eter l-|. l3oling 🧰<p>I need to feed my family, so please consider supporting my open source work. The various OAuth libraries are often buried deep inside dependency trees, so aren't top of mind, but they are a great deal of work to maintain. <a href="https://ruby.social/tags/Ruby" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ruby</span></a> <a href="https://ruby.social/tags/FLOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FLOSS</span></a> <a href="https://ruby.social/tags/oauth2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oauth2</span></a> <a href="https://ruby.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> :ruby: 🔒 <a href="https://opencollective.com/ruby-oauth/updates/oauth2-recent-releases" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">opencollective.com/ruby-oauth/</span><span class="invisible">updates/oauth2-recent-releases</span></a></p>
DiazCarrete<p>oauth2 is a nightmare from which I'm trying to awaken.</p><p><a href="https://hachyderm.io/tags/oauth2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oauth2</span></a></p>
Habr<p>Как в Django реализовать заполнение профиля пользователя через Google</p><p>Эта статья продолжает пост , в котором был рассмотрен один из алгоритмов аутентификации пользователя через платформу Google. Сейчас мы дополним ее механизмом заполнения профиля пользователя данными из Google-аккаунта. Хотелось бы подчеркнуть, что в обеих статьях рассматривается только один из алгоритмов. Он, на мой взгляд, наиболее понятен для начинающих разработчиков, хотя существуют и другие способы. О них можно узнать из документации Django. Проведя аутентификацию через Google, мы получили только стандартные данные - идентификатор и имя пользователя. Но можно получить и другие, в частности, email, возраст, информацию о себе и т.д. Реализуем в проекте собственный сервис ( pipeline ) и добавим в пакет приложения authapp соответствующий модуль ( pipeline.py ):</p><p><a href="https://habr.com/ru/articles/923360/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">habr.com/ru/articles/923360/</span><span class="invisible"></span></a></p><p><a href="https://zhub.link/tags/%D0%B0%D1%83%D1%82%D0%B5%D0%BD%D1%82%D0%B8%D1%84%D0%B8%D0%BA%D0%B0%D1%86%D0%B8%D1%8F_%D0%BF%D0%BE%D0%BB%D1%8C%D0%B7%D0%BE%D0%B2%D0%B0%D1%82%D0%B5%D0%BB%D0%B5%D0%B9" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>аутентификация_пользователей</span></a> <a href="https://zhub.link/tags/django" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>django</span></a> <a href="https://zhub.link/tags/google" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>google</span></a> <a href="https://zhub.link/tags/python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>python</span></a> <a href="https://zhub.link/tags/oauth2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oauth2</span></a></p>
Emily<p>Moved away from EMQX for my home lab as they moved to a new licensing scheme and dropped features on the community version to <a href="https://hackaday.social/tags/RabbitMQ" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RabbitMQ</span></a> 4.1.1. </p><p>After a day of working on it, got <a href="https://hackaday.social/tags/oauth2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oauth2</span></a> into the cluster working, and <a href="https://hackaday.social/tags/ldap" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ldap</span></a> backed <a href="https://hackaday.social/tags/mqtt" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mqtt</span></a> client logins. </p><p>Not as flashy as EMQX, but fitting my needs so far very well.</p><p>Really wanted unified account management and doing it all through <a href="https://hackaday.social/tags/Authentik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authentik</span></a> through oauth2 and it's LDAP outpost is very cool. No more local mqtt accounts 😊 </p><p><a href="https://hackaday.social/tags/Homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Homelab</span></a> <a href="https://hackaday.social/tags/selfhosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfhosted</span></a></p>
Sébastien Stormacq<p>🔐 API keys or client credentials?</p><p>We unpack OAuth 2.0, token security, and the future of AI agents in M2M auth with Cognito and API Gateway. </p><p>🎙️New AWS Developers Podcast out now! 🎧 (links in the thread)</p><p><a href="https://mastodon.social/tags/AWS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AWS</span></a> <a href="https://mastodon.social/tags/OAuth2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OAuth2</span></a> <a href="https://mastodon.social/tags/Cognito" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cognito</span></a></p>
OpenHistoricalMap<p>Do you already contribute to <span class="h-card" translate="no"><a href="https://en.osm.town/@openstreetmap" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>openstreetmap</span></a></span>? You can start contributing to OpenHistoricalMap too in just a few clicks, without having to juggle yet another password for yet another mapping site. Once you have a taste of OSM <a href="https://mapstodon.space/tags/SingleSignOn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleSignOn</span></a> via <a href="https://mapstodon.space/tags/OAuth2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OAuth2</span></a>, you’ll never look back.</p>
Sven Jacobs :androidHead:<p>Today I released the first version of <a href="https://androiddev.social/tags/Lokksmith" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Lokksmith</span></a>, a <a href="https://androiddev.social/tags/KotlinMultiplatform" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KotlinMultiplatform</span></a> OpenID Connect client library for <a href="https://androiddev.social/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Android</span></a> and <a href="https://androiddev.social/tags/iOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iOS</span></a>. I've been working on this in my spare time for the past few weeks. I finally reached a state that I can proudly show to the world.</p><p>The first release contains a fully working implementation for Android. The iOS integration is not yet available. Any help regarding iOS is greatly appreciated. </p><p><a href="https://lokksmith.dev" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">lokksmith.dev</span><span class="invisible"></span></a></p><p><a href="https://androiddev.social/tags/Kotlin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kotlin</span></a> <a href="https://androiddev.social/tags/OpenID" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenID</span></a> <a href="https://androiddev.social/tags/OpenIDConnect" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenIDConnect</span></a> <a href="https://androiddev.social/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OIDC</span></a> <a href="https://androiddev.social/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OAuth</span></a> <a href="https://androiddev.social/tags/OAuth2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OAuth2</span></a></p>
Habr<p>Введение в OAuth и OpenID Connect</p><p>Идентификация — это заявление о том, кем вы являетесь. В зависимости от ситуации, это может быть имя, адрес электронной почты, номер учетной записи, и так далее. Аутентификация — предоставление доказательств, что вы на самом деле есть тот, кем идентифицировались (от слова “authentic” - истинный, подлинный). В качестве доказательства может использоваться паспорт, для подтверждения личности в банке, либо ввод пароля на сайте. Авторизация — проверка, что вам разрешен доступ к запрашиваемому ресурсу.</p><p><a href="https://habr.com/ru/articles/916640/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">habr.com/ru/articles/916640/</span><span class="invisible"></span></a></p><p><a href="https://zhub.link/tags/oauth2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oauth2</span></a> <a href="https://zhub.link/tags/openidconnect" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>openidconnect</span></a> <a href="https://zhub.link/tags/%D0%B0%D0%B2%D1%82%D0%BE%D1%80%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>авторизация</span></a> <a href="https://zhub.link/tags/%D0%B0%D1%83%D1%82%D0%B5%D0%BD%D1%82%D0%B8%D1%84%D0%B8%D0%BA%D0%B0%D1%86%D0%B8%D1%8F" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>аутентификация</span></a></p>
Sérgio Isidoro<p>It's 2025, and Google <a href="https://masto.pt/tags/oauth2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oauth2</span></a> still hasn't implemented <a href="https://masto.pt/tags/PKCE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PKCE</span></a> code flow without client secret for web SPAs</p><p><a href="https://stackoverflow.com/questions/60724690/using-google-oidc-with-code-flow-and-pkce" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">stackoverflow.com/questions/60</span><span class="invisible">724690/using-google-oidc-with-code-flow-and-pkce</span></a></p>
|7eter l-|. l3oling 🧰<p>:ruby: Let's support kids.</p><p>By "kids", I of course mean support for Key IDs (kids) in JWT assertions (IETF rfc7515 JSON Web Signature - JWS compliant)</p><p>Of course, I also mean <a href="https://ruby.social/tags/FreePalestine" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FreePalestine</span></a>, and <a href="https://ruby.social/tags/SayNoToGenocide" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SayNoToGenocide</span></a></p><p>For a full writeup:</p><p><a href="https://dev.to/galtzo/ann-oauth2-v2012-w-support-for-kids-57be" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">dev.to/galtzo/ann-oauth2-v2012</span><span class="invisible">-w-support-for-kids-57be</span></a></p><p><a href="https://ruby.social/tags/Ruby" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ruby</span></a> <a href="https://ruby.social/tags/JWT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>JWT</span></a> <a href="https://ruby.social/tags/Oauth2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Oauth2</span></a></p>
Vladimir Marinkovic<p>Blogged: kickstarter guide for using Keycloak as identity provider</p><p><a href="https://cleverheap.com/posts/keycloak-with-aspnet-webapi/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cleverheap.com/posts/keycloak-</span><span class="invisible">with-aspnet-webapi/</span></a></p><p><a href="https://mastodon.social/tags/keycloak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keycloak</span></a> <a href="https://mastodon.social/tags/blog" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blog</span></a> <a href="https://mastodon.social/tags/dotnet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dotnet</span></a> <a href="https://mastodon.social/tags/aspnet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>aspnet</span></a> <a href="https://mastodon.social/tags/oidc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oidc</span></a> <a href="https://mastodon.social/tags/oauth2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oauth2</span></a></p>
damienbod<p>Blogged: Implement client assertions with client credentials flow using OAuth DPoP</p><p><a href="https://damienbod.com/2025/05/12/implement-client-assertions-with-client-credentials-flow-using-oauth-dpop/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">damienbod.com/2025/05/12/imple</span><span class="invisible">ment-client-assertions-with-client-credentials-flow-using-oauth-dpop/</span></a></p><p><a href="https://mastodon.social/tags/oauth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oauth</span></a> <a href="https://mastodon.social/tags/aspnetcore" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>aspnetcore</span></a> <a href="https://mastodon.social/tags/dotnet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dotnet</span></a> <a href="https://mastodon.social/tags/dpop" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dpop</span></a> <a href="https://mastodon.social/tags/duende" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>duende</span></a> <a href="https://mastodon.social/tags/identity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>identity</span></a> <a href="https://mastodon.social/tags/oauth2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oauth2</span></a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a></p>
Habr<p>[Перевод] Как обезопасить Spring AI MCP сервер с помощью OAuth2</p><p>Команда Spring АйО перевела статью о том, как правильно настраивать безопасность на MCP серверах с использованием возможностей OAuth2 в свете новейшей спецификации MCP, вышедшей в свет 26-го марта 2025-го года, то есть совсем недавно.</p><p><a href="https://habr.com/ru/companies/spring_aio/articles/901360/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">habr.com/ru/companies/spring_a</span><span class="invisible">io/articles/901360/</span></a></p><p><a href="https://zhub.link/tags/mcp_server" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mcp_server</span></a> <a href="https://zhub.link/tags/oauth2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oauth2</span></a> <a href="https://zhub.link/tags/java" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>java</span></a> <a href="https://zhub.link/tags/kotlin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kotlin</span></a> <a href="https://zhub.link/tags/spring" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>spring</span></a> <a href="https://zhub.link/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a></p>
Wer hat eigentlich dieses #OAuth2 erfunden?
Kann ich den Menschen mal sehen?
Will diesen Menschen fragen was in dem Joint war?
Lack?
Soporte #oauth2 para https://pad.osm.lat y https://org.osmlatam.org en versión alpha 0.1 
#openstreetmap #hedgedoc #kanboard
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload