In this liveProject, you will secure your REST API by identifying and fixing basic vulnerabilities in JWT implementations, tackling Cross-Site Scripting vulnerabilities, finding and fixing Cross-Site Request Forgery vulnerabilities, and exploiting and then securing a Cross-Origin Resource Sharing misconfiguration.
This project is designed for learning purposes and is not a complete, production-ready application or solution.
This liveProject is for developers who know the basics of REST API development and want to add JWT authentication to their toolbox. To begin this liveProject, you will need to be familiar with:
- Intermediate Java
- Basics of Java Spring
- Basics of SQL and JDBC
- Basics of Linux and command line
- Java IDEs such as Eclipse or IntelliJ IDEA
- Testing APIs via Postman
- Basic debugging
- Code reviews
- Code refactoring
- Unit testing
You will learn
In this liveProject, you’ll learn reliable techniques for securing any REST API with JWT.
- Understanding the Procurement API specified in OpenAPI Specification 3.0 using Swagger
- Setting up the environment to run the reference API implementation provided using Java
- Identifying the implementation vulnerabilities
- Fixing the Java code to remediate the vulnerabilities identified
- Retesting the new code for functionality using Postman