Aniket Kulkarni

Reputation: 2125

Vert.x Oauth 2 Authorization server

Can someone help me set up an OAuth 2 Authorisation server in Vert.x (3.3.0)? I don't find any documentation related to it. I found vertx-auth-oauth2, this Vert.x module, but I guess it will be useful if the Authorisation server is different e.g

The following code snippet is from vert.x documentation

OAuth2Auth oauth2 = OAuth2Auth.create(vertx, OAuth2FlowType.AUTH_CODE, new OAuth2ClientOptions()
    .setClientID("YOUR_CLIENT_ID")
    .setClientSecret("YOUR_CLIENT_SECRET")
    .setSite("https://github.com/login")
    .setTokenPath("/oauth/access_token")
    .setAuthorizationPath("/oauth/authorize")
);

// when there is a need to access a protected resource or call a protected method,
// call the authZ url for a challenge

String authorization_uri = oauth2.authorizeURL(new JsonObject()
    .put("redirect_uri", "http://localhost:8080/callback")
    .put("scope", "notifications")
    .put("state", "3(#0/!~"));

// when working with web application use the above string as a redirect url

// in this case GitHub will call you back at the callback URI; one should now complete the handshake as:

String code = "xxxxxxxxxxxxxxxxxxxxxxxx"; // the code is provided as a URL parameter by the GitHub callback call

oauth2.getToken(new JsonObject().put("code", code).put("redirect_uri", "http://localhost:8080/callback"), res -> {
  if (res.failed()) {
    // error, the code provided is not valid
  } else {
    // save the token and continue...
  }
});

It is using GitHub as the Authorisation server. I am curious to know how to implement an Authorisation server in Vert.x; I know Spring Security provides this feature, i.e. Oauth2Server and OAuth2Client.

Upvotes: 0

Views: 1407

Answers (1)

Paulo Lopes

Reputation: 5811

Vert.x OAuth2 is just an OAuth2Client; there is no server implementation, so you cannot get it from the Vert.x project itself.

Vert.x OAuth2 supports the following flows:

  • Authorization Code Flow (for apps with servers that can store persistent information).
  • Password Credentials Flow (when previous flow can’t be used or during development).
  • Client Credentials Flow (the client can request an access token using only its client credentials).

Upvotes: 3
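
The Authorization Code Flow snippet in the question passes a fixed `state` value to `authorizeURL`. As an added example (not from the Vert.x documentation or from either poster), this JDK-only helper shows one way to issue a random per-session `state` and check it once on the callback before calling `getToken`; the class name `OAuthStateStore`, the session id and the 10-minute lifetime are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

// Hypothetical helper (not part of Vert.x): one random "state" per login
// attempt, verified on the callback before the code is exchanged for a token.
public class OAuthStateStore {
  private static final SecureRandom RNG = new SecureRandom();
  private static final long TTL_MILLIS = 10 * 60 * 1000L; // assumed lifetime

  private static final class Pending {
    final String state; final long expiresAt;
    Pending(String state, long expiresAt) { this.state = state; this.expiresAt = expiresAt; }
  }

  // sessionId -> pending state; sessionId is whatever identifies the browser session
  private final Map<String, Pending> pending = new ConcurrentHashMap<>();

  // Call before building the authorize URL; put the result in the "state" field.
  public String issue(String sessionId) {
    byte[] raw = new byte[32];
    RNG.nextBytes(raw);
    String state = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
    pending.put(sessionId, new Pending(state, System.currentTimeMillis() + TTL_MILLIS));
    return state;
  }

  // Call in the callback handler; exchange the code only if this returns true.
  public boolean consume(String sessionId, String returnedState) {
    Pending p = pending.remove(sessionId); // single use, removed even on mismatch
    if (p == null || returnedState == null || System.currentTimeMillis() > p.expiresAt) {
      return false;
    }
    return MessageDigest.isEqual(p.state.getBytes(StandardCharsets.UTF_8),
                                 returnedState.getBytes(StandardCharsets.UTF_8));
  }

  public static void main(String[] args) {
    OAuthStateStore store = new OAuthStateStore();
    String state = store.issue("session-A");                    // constructed session id
    System.out.println(store.consume("session-A", "3(#0/!~"));  // state that was never issued
    System.out.println(store.consume("session-A", state));      // entry already consumed above
    String fresh = store.issue("session-A");
    System.out.println(store.consume("session-A", fresh));      // issued state, same session
    System.out.println(store.consume("session-B", fresh));      // state presented by another session
  }
}
```

In a Vert.x handler, `issue` would supply the value for `.put("state", ...)` and `consume` would gate the `oauth2.getToken(...)` call shown in the question.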
