1 00:00:00,240 --> 00:00:07,260 In the previous lecture, we have made some changes inside our application to use the GitHub based workflow
2 00:00:07,470 --> 00:00:13,650 during the authentication and authorization of the application, so we built a simple Spring Boot application,
3 00:00:14,070 --> 00:00:20,820 which has only a single controller, which is secure controller with a path slash, which will redirect
4 00:00:20,820 --> 00:00:28,080 due to the security team and will display the skill that has to, with the message, successfully log
5 00:00:28,080 --> 00:00:29,180 in using GitHub.
6 00:00:29,670 --> 00:00:35,030 And at the same time, it will also bring to the the basic details that we received from the GitHub
7 00:00:35,040 --> 00:00:37,740 also belongs to the logged in user.
8 00:00:38,040 --> 00:00:43,020 So now let's try to start this application and see how things are working so far that first I'll go
9 00:00:43,020 --> 00:00:49,920 to the main class Spring Boot class and I'll start this application in debug mode and also keep a breakpoint
10 00:00:49,920 --> 00:00:56,070 here so that we can see what kind of details that we are getting from the GitHub about the user.
11 00:00:56,430 --> 00:01:03,180 So once the server is started, we can go to the browser and try to access the only path available inside
12 00:01:03,180 --> 00:01:09,990 this application, which is really since we are accessing this path very first time without logging
13 00:01:09,990 --> 00:01:15,120 in, it should redirect us to the GitHub for proving our identity.
14 00:01:15,270 --> 00:01:21,780 Once GitHub acknowledges our identity and provides access token, then only this application has to
15 00:01:22,080 --> 00:01:25,470 display the protected resource which is secured attached to him.
16 00:01:25,710 --> 00:01:31,080 So in this scenario, I am the resource owner and this application is the resource server.
17 00:01:31,260 --> 00:01:33,960 Auth server is GitHub, client
18 00:01:33,960 --> 00:01:35,380 is this application.
19 00:01:35,410 --> 00:01:39,660 So the same application is acting as both client and the resource server.
20 00:01:40,080 --> 00:01:45,930 So I'm just entering the localhost 88, which is belongs to my application.
21 00:01:46,290 --> 00:01:53,700 As soon as I click enter, you can see since I have not logged in previously, I have been directed
22 00:01:53,700 --> 00:01:56,250 to the GitHub auth server with the client
23 00:01:56,250 --> 00:02:02,910 ID that I configure and at type as outrace along with the other details like redirect
24 00:02:02,910 --> 00:02:04,290 URL, all those things.
25 00:02:04,410 --> 00:02:09,900 And you can also see this will provide you the client details.
26 00:02:10,259 --> 00:02:12,120 Who redirected to this page.
27 00:02:12,300 --> 00:02:18,450 Like, if you can recall, during the registration of the client details in the GitHub we provided this
28 00:02:18,900 --> 00:02:24,120 spring security board to the same logo that you uploaded will be displayed.
29 00:02:24,240 --> 00:02:26,880 Otherwise, a different logo is being displayed here.
30 00:02:27,150 --> 00:02:34,410 But you have a logo uploaded that that logo also will be displayed here so that you are giving a better
31 00:02:34,410 --> 00:02:42,810 user experience to the resource owner or user, indicating, OK, my login has been deleted by so-and-so
32 00:02:42,810 --> 00:02:44,730 client to the GitHub.
33 00:02:44,880 --> 00:02:52,110 Now I'm authorizing this application, client application to get the resources about my basic details
34 00:02:52,110 --> 00:02:59,070 from the GitHub, like my email login details, repository details which can be leveraged by the client
35 00:02:59,070 --> 00:02:59,700 application.
36 00:02:59,820 --> 00:03:03,120 So now I have to enter my GitHub login credentials.
37 00:03:03,330 --> 00:03:10,920 And this is super safe because I'm right now in the GitHub login page itself, but not on the application
38 00:03:10,920 --> 00:03:11,730 login page.
39 00:03:11,880 --> 00:03:16,350 As soon as I click sign in force, successful authentication happens.
40 00:03:16,500 --> 00:03:20,640 You can see you are being redirected to the outraced application.
41 00:03:20,850 --> 00:03:28,650 But since we kept a breakpoint here, it's keep on rotating and you can see inside the token you will
42 00:03:28,650 --> 00:03:35,400 get all the details of the user inside the principal, like what is the name that is being maintained
43 00:03:35,400 --> 00:03:36,480 in the GitHub?
44 00:03:36,660 --> 00:03:39,000 What are the authorities that has been issued?
45 00:03:39,420 --> 00:03:43,350 User attributes like what is my login inside GitHub?
46 00:03:43,530 --> 00:03:45,900 From which node I'm getting these details.
47 00:03:45,910 --> 00:03:49,200 Norelli is a place where this authorization server has been deployed.
48 00:03:49,590 --> 00:03:54,540 And what is my avatar URL, like if someone wanted to see what is my avatar?
49 00:03:54,540 --> 00:03:59,370 URL, it is also giving that URL along with the followers
50 00:03:59,370 --> 00:04:06,510 URL, following me and at the same time following you are allowed to identify whom I am following,
51 00:04:06,660 --> 00:04:12,810 followed by what are the repositories that I maintain private repositories, everything you get from
52 00:04:12,810 --> 00:04:13,380 the GitHub.
53 00:04:13,380 --> 00:04:20,430 Since I am requesting GitHub like I am okay to provide these basic details to this client application.
54 00:04:20,610 --> 00:04:23,640 That way GitHub is sharing all these details to them.
55 00:04:23,940 --> 00:04:27,590 So now if you release this breakpoint, you will go and see.
56 00:04:27,750 --> 00:04:33,270 You can see we have been shown the message that is present in the secure that heads to you.
57 00:04:33,780 --> 00:04:41,010 So now if I refresh again, it don't go through that OAuth2 flow and because my application already
58 00:04:41,010 --> 00:04:44,850 has access token, so there is no need for me to get them again.
59 00:04:44,850 --> 00:04:46,400 Access token from the auth server.
60 00:04:46,620 --> 00:04:55,110 So in this way we can use the Spring Security framework to implement OAuth2 flows inside our application.
61 00:04:55,410 --> 00:04:59,490 I hope now you have a clear understanding how to implement
62 00:04:59,960 --> 00:05:05,480 authentication flow using OAuth2 framework by leveraging the auth servers available in the industry.
63 00:05:05,660 --> 00:05:10,880 I also uploaded the code that we built in this section to this video.
64 00:05:11,180 --> 00:05:16,630 Please download it and refer with what you have been doing along with me for any issues.
65 00:05:16,640 --> 00:05:17,930 But do you have any questions?
66 00:05:18,200 --> 00:05:21,000 Please feel free to post them in the Q&A section.
67 00:05:21,500 --> 00:05:21,940 Thank you.
68 00:05:21,950 --> 00:05:23,130 And see you in the next section.