user2460623

Reputation: 21

OAuth 2.0 Server

I'm trying to set up a private oauth2-server for usage with Android. I don't want any 3rd-party server to authorize, so my question is how to do this?

I had a look at Apache Oltu, but I haven't been able to find any HowTo to set up the server. Are there any instructions available or could someone who already did this help me?

Furthermore, is there a better solution? I don't want to just provide user/pwd-authorization (or even digest), because it's about getting a user-specific file, which should be automatically synced once in a while without asking for a password again.

Upvotes: 1

Views: 199

Answers (1)

Christian Strempfer

Reputation: 7383

The Apache Oltu documentation contains some example code, which should help you understand the basics. Then you should have a look at the integration tests, which contain code for nearly all use cases.

But you have to understand that Apache Oltu isn't a standalone solution. It's only a framework, which handles the network communication for OAuth authorization and resource requests. That means you have to implement:

  • your own persistence layer for storing tokens.
  • your own security interceptor which actually checks if the received token is valid. Oltu isn't integrated into the webserver, so you have to take care that requests don't bypass OAuth authorization.
  • your own user registration process.

Upvotes: 1
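
A sketch of the first two items in the answer's list (token persistence and the validity check an interceptor performs), added here as an example; it is not part of the original answer and is not Oltu code. `TokenGuard`, its methods and the sample user are hypothetical, the `Authorization` header is parsed by hand so only the JDK (Java 16+) is needed, and an in-memory map stands in for a real database.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.time.Instant;
import java.util.Base64;
import java.util.Optional;
import java.util.concurrent.ConcurrentHashMap;

public class TokenGuard {
    private record Grant(String userId, Instant expiresAt) {}
    // Stand-in for the persistence layer, keyed by SHA-256(token) so a leaked store holds no usable tokens.
    private final ConcurrentHashMap<String, Grant> grants = new ConcurrentHashMap<>();

    /** Issues an opaque bearer token for a registered user once the OAuth grant has succeeded. */
    public String issue(String userId, long ttlSeconds) {
        byte[] raw = new byte[32]; // 256 bits from a CSPRNG, not guessable
        new SecureRandom().nextBytes(raw);
        String token = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        grants.put(hash(token), new Grant(userId, Instant.now().plusSeconds(ttlSeconds)));
        return token;
    }

    /** Maps an Authorization header to a user id; empty means reject (deny by default). */
    public Optional<String> authorize(String header) {
        if (header == null || !header.regionMatches(true, 0, "Bearer ", 0, 7)) return Optional.empty();
        String key = hash(header.substring(7).trim());
        Grant grant = grants.get(key);
        if (grant == null || Instant.now().isAfter(grant.expiresAt())) {
            grants.remove(key); // no-op for unknown tokens, purges expired ones
            return Optional.empty();
        }
        return Optional.of(grant.userId());
    }

    private static String hash(String token) {
        try {
            byte[] d = MessageDigest.getInstance("SHA-256").digest(token.getBytes(StandardCharsets.UTF_8));
            return Base64.getEncoder().encodeToString(d);
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(e); // SHA-256 is mandatory on the Java platform
        }
    }

    public static void main(String[] args) {
        TokenGuard guard = new TokenGuard();
        String token = guard.issue("alice", 3600); // constructed sample user and lifetime
        System.out.println(guard.authorize("Bearer " + token) + " " + guard.authorize("Bearer forged"));
    }
}
```

A servlet filter or equivalent interceptor would call `authorize` on every protected request and answer 401 when it returns empty, so that no request reaches a resource without passing the check.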
