Blog

In this tutorial, you will learn about the main difference between the “mvn package” and “mvn install” commands. As well as how to use both commands on your computer. “mvn package” vs “mvn install” The main difference between the “mvn package” and “mvn install” commands is that mvn package command will compile the source and will package it in its…

Read More Difference Between “mvn package” and “mvn install”

Swift provides powerful tools for comparing and equating custom objects using the Comparable and Equatable protocols. In this tutorial, we will explore how to use the Comparable protocol to compare custom objects based on their properties, and the Equatable protocol to determine whether two objects are equal. By the end of this tutorial, you will…

Read More Comparable Protocol: How to Compare Custom Objects

In this tutorial, you will learn how to get the currently authenticated principal user UserId value from the JWT access token generated by Keycloak. UserId in JWT The userId value will be stored under the “sub” key in the JWT access token generated by Keycloak. Below is an example of a decoded JWT access token containing…

Read More Get UserId from Keycloak JWT Access Token

In this tutorial, you will learn how to use @AuthenticationPrincipal annotation to get the Jwt object containing the details of a provided in HTTP Request access token. When we send a request containing an access token in the Authorization header, behind the scenes,  Spring Framework will do a lot of work and if all is good,…

Read More @AuthenticationPrincipal – Getting the Jwt Claims

In this tutorial, you will learn how to refresh OAuth 2.0 access token using the Refresh Token OAuth 2.0 Grant Type. To learn how to use other OAuth 2.0 grant types, please check out the following tutorials: Client Credentials Grant Type with Keycloak, OAuth 2.0 Device Authorization Grant example, PKCE Verification in Authorization Code Grant,…

Read More OAuth 2.0 Refresh Token Example

In this tutorial, you will learn how to register a new OAuth Client application with Keycloak and how to request an access token using the Client Credentials grant type. If you are interested to learn how to perform other OAuth 2 authorization flows with Keycloak, then have a look at the following tutorials as well.…

Read More Keycloak: Client Credentials Grant Example

In this tutorial, you will learn how to create a new OAuth Client application in Keycloak. If you are interested to learn more about Keycloak and how to perform different OAuth 2 authorization flows using the Keycloak server, then have a look at other Keycloak tutorials as well. Creating a New OAuth Client Application To…

Read More Keycloak: Create a New OAuth Client Application

The Oauth 2 Device Authorization Grant, also formerly known as the Device Flow, is an Oauth 2 extension that enables devices with no browser or limited input capability to obtain an access token. You might have experienced the Device flow when authorizing a PlayStation or a TV app to access your Microsoft or Google account.…

Read More OAuth 2.0 Device Authorization Grant Flow Example

In this tutorial, you will learn how to generate the OAuth PKCE Code Verifier and the Code Challenge in Java. The Code Verifier and the Code Challenge are used in the OAuth PKCE-enhanced Authorization Code Grant flow and the specs on how these two should be generated can be found here RFC7636. To learn how…

Read More PKCE Code Verifier and Code Challenge in Java

In this tutorial, you will learn how to perform PKCE verification when acquiring an access token using the OAuth 2 Authorization Code Grant flow. PKCE stands for Proof Key for Code Exchange and the PKCE-enhanced Authorization Code Flow builds upon the standard Authorization Code Flow, so the steps are very similar. To learn how to acquire…

Read More PKCE Verification in Authorization Code Grant

In this tutorial, you will learn how to use an OAuth 2 Implicit Grant Type authorization flow to acquire an access token from an authorization server. The Implicit Grant Type was previously recommended for native apps and JavaScript apps where the access token was returned immediately without an extra authorization code exchange step. When following…

Read More OAuth 2 Implicit Grant Type Flow Example