My journal for Code Fellows
0Auth2 has two choices when it comes to authentications providers which are,
In the reading there was a tuturial on how to get it set up using Github. When setup the application will generate an access taken that is used to ask GitGub for personal details where it is acting as a Resource Server. It will decode the taken and check if you have the correct permissions to access the users details. If everything clears then it will insert the user details in the Spring Security context for authentication.
I would like to learn more about how secure this setup is and what could be possible vulnerabilities.