1
00:00:00,240 --> 00:00:05,340
In the previous section, we discussed a lot about what to framework and what are different components

2
00:00:05,340 --> 00:00:11,300
involved inside it and what are different art grant types that we have inside the framework.

3
00:00:11,430 --> 00:00:16,980
Now, in this section, let's try to leverage our spring security framework and understand how we can

4
00:00:16,980 --> 00:00:24,450
implement or to flow inside the simple application that we are going to build before we jump onto that.

5
00:00:24,480 --> 00:00:31,890
First, I want to let you know that in this section I'm going to use the GitHub authorization software

6
00:00:32,040 --> 00:00:36,450
to perform authentication and authorization inside my application.

7
00:00:36,630 --> 00:00:44,970
Again, you can build your own server also using spring security framework, but it's very real considering

8
00:00:45,150 --> 00:00:47,130
spring security operations.

9
00:00:47,140 --> 00:00:54,990
Our implementations are still a to be become more mature compared to other commercial Utsav was available

10
00:00:54,990 --> 00:00:55,940
inside the market.

11
00:00:56,040 --> 00:01:03,570
So due to this reason, I'm going to leverage GitHub attribution server in order to implement authentication

12
00:01:03,570 --> 00:01:07,130
and authorization inside my application so I know how to use it.

13
00:01:07,260 --> 00:01:14,190
As I said previously, anyone who want to use the observers of these organizations first they how to

14
00:01:14,190 --> 00:01:20,580
approach them and restart themselves with their own details like what is the client name application

15
00:01:20,580 --> 00:01:22,740
name, what are the redirect, you are told.

16
00:01:22,830 --> 00:01:28,470
So once you provide all those basic details that these providers are asking, you will get the client

17
00:01:28,470 --> 00:01:35,310
ID and client secret, which can be leveraged inside the what to authentication and authorization flows.

18
00:01:35,460 --> 00:01:36,160
So far the same.

19
00:01:36,270 --> 00:01:41,460
I just came to the GitHub website in order to register, go up to application.

20
00:01:41,670 --> 00:01:45,060
First, I have to be a user inside the GitHub.

21
00:01:45,270 --> 00:01:49,800
So if I don't have the login credentials, please start with the GitHub.

22
00:01:50,010 --> 00:01:52,440
Please go ahead and sign in this website.

23
00:01:52,590 --> 00:01:56,730
Otherwise, if you have the credentials, you can go and signing into the website.

24
00:01:56,820 --> 00:01:58,050
So I'm clicking signing.

25
00:01:58,200 --> 00:02:00,090
I'm entering my credentials here.

26
00:02:00,420 --> 00:02:08,550
Once your login is successful, you have to go to the user user profile icon, navigate to the settings.

27
00:02:08,550 --> 00:02:14,370
Once you are on to the settings page, go to the developer settings and here you have a section for

28
00:02:14,370 --> 00:02:15,150
what app?

29
00:02:15,300 --> 00:02:20,010
I want to create a new application with the OR to server as a client.

30
00:02:20,010 --> 00:02:28,590
So the application name that I want to do is bring security, underscore who are to whom page you are

31
00:02:28,590 --> 00:02:28,710
on.

32
00:02:28,710 --> 00:02:36,210
Since I don't have any website named ISTER for my application for simplicity purpose, I'll just give

33
00:02:36,230 --> 00:02:40,200
you Heggarty localhost adat application description.

34
00:02:40,200 --> 00:02:50,190
Also we can go like this is a sample application that uses GitHub or to pro callback.

35
00:02:50,190 --> 00:02:53,970
Gural is the one which we discussed like redirect.

36
00:02:53,970 --> 00:02:54,490
You are right.

37
00:02:54,510 --> 00:03:00,750
So this is a value that you have to mention and this will be a default value that GitHub will consider

38
00:03:00,990 --> 00:03:02,460
which will be redirected.

39
00:03:02,700 --> 00:03:06,450
The user wants authentication and authorization is successful.

40
00:03:06,660 --> 00:03:11,500
But if you want to have your own, you are for different, different requests.

41
00:03:11,520 --> 00:03:16,200
Then you can always send that in the request that you are going to make to the alteration.

42
00:03:16,200 --> 00:03:20,880
So but whatever you're mentioning here will be treated as a default.

43
00:03:20,880 --> 00:03:27,840
You are and will be used when the redirect you are a value is blank and the request coming to the SO.

44
00:03:28,070 --> 00:03:32,190
So once I click restart application, my application will be registered.

45
00:03:32,400 --> 00:03:40,230
As you can see, I will get a client data which I copy next for client secret you have to generated

46
00:03:40,230 --> 00:03:47,580
by clicking it generate new client secret and you can see here you'll get a client secret, which you

47
00:03:47,580 --> 00:03:49,740
can also copy at the same time.

48
00:03:49,740 --> 00:03:56,730
If you want to upload a local application logo for your application, you can also upload here.

49
00:03:56,910 --> 00:04:01,680
And once you generate the client I didn't integrate, you can click again, update application.

50
00:04:01,830 --> 00:04:09,270
So now you have the client ID and client secret, which you can be leveraged inside the auto framework

51
00:04:09,570 --> 00:04:10,710
in the next lecture.

52
00:04:10,980 --> 00:04:17,760
Let's try to understand what are the three requirements in my spring security framework in order to

53
00:04:17,760 --> 00:04:20,120
implement or to insert my application.

54
00:04:20,279 --> 00:04:22,260
Thank you and see you in the next section by.