OpenID-Connect-Java-Spring-.../docs/Architecture.txt

This project is built on Spring 3.1 and Spring Security 3.1, making heavy use of the OAuth2 module of Spring Security OAuth (SECOAUTH). Wherever sensible, we have tried to make use of existing functionality in SECOAUTH, Spring, and Spring Security. 

This project tracks against the development version of SECOAUTH, which is included in the build directories as a Git submodule. This submodule must be initialized before the main project can be built. Once SECOAUTH stabilizes to sufficient point, this project will remove its submodule reference and instead use a Maven dependency.

This project is intended to be a standalone OpenID Connect Server. Extension and customization of this server can be accomplished by configuration through Spring configuration files, injected functionality through new Beans, and overlay of views and static resources (using Maven War Overlay or similar functionality).


There is a JWT library that handles serialization/deserialization and manipulation of JWTs. We have our own implementation of OAuth2AccessToken called OAuth2AccessTokenEntity which is backed by a JWT object and returns the serialized version of the JWT as the token's Value field. 


Managing users:
 UserDetailsService - used by Spring Security's AuthenticationProvider to represent the current user (loads a user from a given user id)
 AuthenticationUserDetailsService - Used by Spring Security to load a user from an authentication token
 UserInfoRepository - repository of user information that is fed into the UserInfoEndpoint's service

Managing OAuth tokens:
 AuthorizationServerTokenServices - provide tokens for the authorization server

Managing OAuth clients:
 ClientDetailsService - provide OAuth client information (used for OpenID Connect Clients)
added archetecture writeup skeleton, needs a lot more work 13 years ago			`This project is built on Spring 3.1 and Spring Security 3.1, making heavy use of the OAuth2 module of Spring Security OAuth (SECOAUTH). Wherever sensible, we have tried to make use of existing functionality in SECOAUTH, Spring, and Spring Security.`

			`This project tracks against the development version of SECOAUTH, which is included in the build directories as a Git submodule. This submodule must be initialized before the main project can be built. Once SECOAUTH stabilizes to sufficient point, this project will remove its submodule reference and instead use a Maven dependency.`

			`This project is intended to be a standalone OpenID Connect Server. Extension and customization of this server can be accomplished by configuration through Spring configuration files, injected functionality through new Beans, and overlay of views and static resources (using Maven War Overlay or similar functionality).`


			`There is a JWT library that handles serialization/deserialization and manipulation of JWTs. We have our own implementation of OAuth2AccessToken called OAuth2AccessTokenEntity which is backed by a JWT object and returns the serialized version of the JWT as the token's Value field.`


			`Managing users:`
			`UserDetailsService - used by Spring Security's AuthenticationProvider to represent the current user (loads a user from a given user id)`
			`AuthenticationUserDetailsService - Used by Spring Security to load a user from an authentication token`
			`UserInfoRepository - repository of user information that is fed into the UserInfoEndpoint's service`

			`Managing OAuth tokens:`
			`AuthorizationServerTokenServices - provide tokens for the authorization server`

			`Managing OAuth clients:`
			`ClientDetailsService - provide OAuth client information (used for OpenID Connect Clients)`