How to enable OAuth1 Server support for Jersey 2.9 based RESTful web services? Is there any example project demonstrating the required features? The user (Android App) should get HTTP 401, if he does not include authenticated token in request header.
See reference docs: https://jersey.java.net/documentation/latest/user-guide.html#d0e10946
First step in enabling Jersey OAuth 1 support is to register a
OAuth1ServerFeature instance initialized with an instance of
OAuth1Provider. Additionally, you may configure the Request Token URI
and Access Token URI - the endpoints accessible on the OAuth server
that issue Request and Access Tokens. These endpoints are defined in
the OAuth 1 specification and are contacted as part of the OAuth
authorization flow.
Should I use OAuth1 server support for securing Jersey 2.9 based web services? Is there any other better library that can be used to implement token based authentication for Jersey based RESTful web services?
Related
I am having WCF client which consumes SOAP based web service which has OAuth authentication. My WCF service gets consumed by some other service but my issue is about authentication when it consumes web service.
My WCF client, consumes web service using proxy generated classes approach. I am able to get Bearer token for OAuth authentication and pass it to request http header as well however, proxy generated class expects binding configuration as well.
var client = new ExchangeServicePortTypeClient("EndPointConfigurationName", "WebServiceURL")
I have tried basicHttpBinding, customBinding (AuthenticationMode="IssuedToken/IssuedTokenForCertificate/IssuedTokenOverTransport"), wsHttpBinding (security mode Message & ClientCredentialType 'IssuedToken" but no luck.
I am assuming due to wrong not supported binding configuration authorization bearer token I am sending is not getting accounted.
I am able to consume this web service from console application successfully where I am not using proxy generated classes approach. So I just required to pass authorization bearer token in header and no binding information.
request.Headers.Add("Authorization", "Bearer " + accessToken);
Can someone please suggest what binding information I should add in my WCF client which can support OAuth authentication ?
Thanks,
From the Google Doc, I see below are the options to fetch an access token for the directory API
Web server applications i.e Client Credentials
Installed applications (Mostly same as Client Credentials approach
which we currently support but with the use of applications
installed)
Client-side (JavaScript) applications (For JavaScript applications
that run in a browser)
Applications on limited-input devices (For Limited-input devices such
as TV, game consoles, video cameras, and printers)
Service Account
Reference Doc:
https://developers.google.com/identity/protocols/oauth2
Is there any API to Fetch an access token from SAML bearer assertion for the directory API and if yes then what information does this API needs and is there any Doc to do so
Example Directory API for which I am looking to connect -
Directory API used for user creation: https://www.googleapis.com/admin/directory/v1/users
Answer:
Unfortunately, at current Google doesn't support client authorization and authentication for their APIs via SAML 2.0 Profiles.
More Information:
As you've already pointed out, the only supported methods of fetching an access token at the present time are those mentioned in the documentation page titled "Using OAuth 2.0 to Access Google APIs".
Feature Request:
You can however let Google know that this is a feature that is important for access to their APIs, and that you would like to request they implement it.
Google's Issue Tracker is a place for developers to report issues and make feature requests for their development services, I'd urge you to make a feature request there. While there is no component for general OAuth2 or Authentication methods, given your requirements I would suggest filing it under the Admin SDK component which you can find here
References:
Using OAuth 2.0 to Access Google APIs | Google Identity Platform
Further Reading:
RFC 7522 - Security Assertion Markup Language (SAML) 2.0 Profile
for OAuth 2.0 Client Authentication and Authorization Grants
I have a secured API with OAuth and I have no other authorization mechanism (Basic Auth/ Digest Auth).
Based on article https://apim.docs.wso2.com/en/latest/learn/design-api/endpoints/endpoint-types/:
"You cannot call backend services secured with OAuth through APIs created in the API Publisher. At the moment, you can call only services secured with username/password (Basic Auth/ Digest Auth)."
Are there any plans to implement this feature in WSO2?
Although this feature is not available OOB, you can get this done via a mediation extension. Please check this article [1] where it explains on how to invoke a backend that is secured by OAuth2.
Currently, this feature is under development and will be adding to the product in the next release.
[1] - https://medium.com/#menakajayawardena/wso2-how-to-using-oauth2-protected-back-ends-with-api-manager-5d7e234c61c
Is there any way to use token based and session based authentication using Web API OData. An instance is on-primes 2016.
If ADFS, then how to add web app and also how to generate api token.
Thanks
I am new to this wso2 evaluating wso2,
I am using Identity Server I have web application , want to apply web SSO feature using WSo2, I had check there are soap web service present in wso2 for UserAdmin,
https://server-info:9443/services/UserAdmin.UserAdminHttpsSoap12Endpoint/ using soap client for test , for dev have to write java client for request
but did not find any web services related WEB SSO for example I require authentication web service which will accept Username/password return some token information and using that token I can store in session for single sign out
Is there any web service/ API in wso2 provide authentication? or what is best approach for implement SSO using wso2 for web applications.
Thanks
If you are looking for SSO with WSO2IS, WSO2IS supports several standard ways to achieve it. They are,
SAML2 SSO
OpenId Connect
OpenId
Passive STS (for windows based applications)
From above, most popular way is to use SAML2 SSO or Openid connect. Your web application also must support to talk with WSO2IS using above standards. Say, if you need to achieve SSO using SAML2 SSO. You application needs to send the SAML2 Request and process the SAML2 Response in standard way as mentioned in SAML2 SSO spec. You can find a sample web application that has been implemented to work with WSO2IS from here. This blog contains all configuration details that you need to do in WSO2IS side as well. You can even use the sample web application with other SAML2 IDP as sample web application is talking in standard way. Also. if you are looking for Openid connect, you can find another sample web application from here with config details. I hope this would be a good starting points for you.