OAuth+JWT in Spring Boot
Using OAuth and JWT in Spring Boot
Why do this
I am building an application where I want to have authentication. I used JWT tokens before to authenticate users and manage roles for specific endpoints. This time I wanted to try something different and was already interested in using OAuth 2.0 login with Google. OAuth is an authorization framework that issues access (and ID) tokens rather than traditional server-side sessions. Some libraries still create an HTTP session to store the OAuth state, but the protocol itself is token-based. I still want to define my own roles and keep tighter control over the claims the client receives. So I am combining the two approaches. Google handles the OAuth dance, then I read the ID token in my Spring Boot backend, enrich it with my own role model, and mint the JWT that the rest of the API consumes.
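
The enrich-and-mint step described above, as an added example that is not the author's code and uses only the JDK so the checks are visible. It assumes the OAuth client library has already verified the ID token's signature; the class name `AppTokenMinter`, the `ROLES` table, the client ID, the key and the 15-minute lifetime are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.time.Instant;
import java.util.Base64;
import java.util.List;
import java.util.Map;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class AppTokenMinter {
    // Constructed role table, keyed on Google's stable "sub" rather than the mutable email.
    static final Map<String, List<String>> ROLES = Map.of("1000000000001", List.of("USER", "ADMIN"));
    static final Base64.Encoder B64 = Base64.getUrlEncoder().withoutPadding();

    /** claims: ID token claims whose signature has already been verified upstream (assumption). */
    static String mint(Map<String, Object> claims, String clientId, byte[] key, Instant now) throws Exception {
        String iss = String.valueOf(claims.get("iss"));
        if (!iss.equals("https://accounts.google.com") && !iss.equals("accounts.google.com"))
            throw new SecurityException("unexpected issuer");
        if (!clientId.equals(claims.get("aud")))            // a non-string aud fails closed
            throw new SecurityException("token was issued to a different client");
        Object exp = claims.get("exp");
        if (!(exp instanceof Number) || ((Number) exp).longValue() <= now.getEpochSecond())
            throw new SecurityException("ID token expired");
        String sub = String.valueOf(claims.get("sub"));
        if (!sub.matches("[0-9]{1,255}"))                   // assumed numeric; also keeps the JSON below safe
            throw new SecurityException("malformed sub");
        // Unknown users get the least-privileged role, never an empty or inherited set.
        List<String> roles = ROLES.getOrDefault(sub, List.of("USER"));
        long iat = now.getEpochSecond();
        String header = "{\"alg\":\"HS256\",\"typ\":\"JWT\"}";
        String payload = String.format("{\"sub\":\"%s\",\"roles\":[\"%s\"],\"iat\":%d,\"exp\":%d}",
                sub, String.join("\",\"", roles), iat, iat + 900); // short-lived: 15 minutes
        String signingInput = B64.encodeToString(header.getBytes(StandardCharsets.UTF_8))
                + "." + B64.encodeToString(payload.getBytes(StandardCharsets.UTF_8));
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        byte[] sig = mac.doFinal(signingInput.getBytes(StandardCharsets.US_ASCII));
        return signingInput + "." + B64.encodeToString(sig);
    }

    public static void main(String[] args) throws Exception {
        Instant now = Instant.now();
        String clientId = "example-client-id.apps.googleusercontent.com"; // placeholder
        // Constructed sample claims; a real key comes from a secret store, not source code.
        Map<String, Object> claims = Map.of("iss", "https://accounts.google.com",
                "aud", clientId, "sub", "1000000000001", "exp", now.getEpochSecond() + 3600);
        byte[] key = "constructed-demo-key-32-bytes-ok".getBytes(StandardCharsets.UTF_8);
        System.out.println(mint(claims, clientId, key, now));
    }
}
```

The API that consumes this token should accept only `HS256` with the same key and reject anything past `exp`; Google's ID token is never forwarded to the client as the session credential.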