The document discusses micro frontends for Java microservices. It provides an overview of microservices and frameworks like Spring and JHipster that can be used to develop microservices in Java. It then introduces the concept of micro frontends as an architecture for microservice applications and demonstrates how to build a sample application with micro frontends using JHipster. It also covers securing microservices with OAuth 2.1 and shows a live demo of creating and running microservice applications with JHipster.
2. @mraible
Hi, I’m Matt Raible
Father, Husband, Skier, Mountain
Biker, Whitewater Rafter
Bus Lover
Web Developer and Java Champion
Okta Developer Advocate
Blogger on raibledesigns.com and
developer.okta.com/blog
@mraible
8. Agenda
A brief history of microservices
Microservices with Java
Microservices with JHipster
Introduction to Micro Frontends
Live Demo
Securing microservices with OAuth 2.1
Action!
10. “Any organization that designs a system
(defined broadly) will produce a design
whose structure is a copy of the
organization's communication structure.”
Conway’s Law
Melvin Conway 1967
14. Spring
History of Spring
October 2002 - Rod Johnson writes
J2EE Design & Development
2004 - Spring 1.0
2006 - Spring 2.0 with better XML
2009 - JavaConfig
2014 - Spring Boot 1.0
2015 - Spring Cloud 1.0
🍃
33. Demo
Create apps with JDL
Run apps and e2e tests
Run everything with Docker
Switch identity providers
@oktadev/auth0-micro-frontends-
jhipster-example
🤓
35. Improvements in OAuth 2.1
PKCE is required for all clients using the authorization code flow
Redirect URIs must be compared using exact string matching
The Implicit grant is omitted from this specification
The Resource Owner Password Credentials grant is omitted from this specification
Bearer token usage omits the use of bearer tokens in the query string of URIs
Refresh tokens for public clients must either be sender-constrained or one-time use
36. yelp.com/callback
Back to redirect URI
with authorization code
Exchange code for
access token and ID token
accounts.google.com
Email
**********
Go to authorization server
Redirect URI: yelp.com/cb
Scope: openid profile
Authorization Server
yelp.com
Connect with Google
Resource owner
Client
accounts.google.com
Allow Yelp to access your public
profile and contacts?
No Yes
Request consent
from resource owner
Hello Matt!
accounts.google
Get user info
with access token
/userinfo
OAuth 2.1 and OIDC