[Backlogmanager] [FIWARE-JIRA] (HELP-9495) [fiware-stackoverflow] How to authenticate a java web app with KeyRock?

Fernando Lopez (JIRA) jira-help-desk at jira.fiware.org
Tue Jul 25 09:54:00 CEST 2017

Previous message: [Backlogmanager] [FIWARE-JIRA] (HELP-9498) [fiware-stackoverflow] access_token given by Oauth2 procedure is not authorized for accessing Orion FI-LAB
Next message: [Backlogmanager] [FIWARE-JIRA] (HELP-9489) [fiware-stackoverflow] Subscription in Orion Context Broker Fiware
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

     [ https://jira.fiware.org/browse/HELP-9495?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Fernando Lopez reassigned HELP-9495:
------------------------------------

    Assignee: Backlog Manager

> [fiware-stackoverflow] How to authenticate a java web app with KeyRock?
> -----------------------------------------------------------------------
>
>                 Key: HELP-9495
>                 URL: https://jira.fiware.org/browse/HELP-9495
>             Project: Help-Desk
>          Issue Type: Monitor
>          Components: FIWARE-TECH-HELP
>            Reporter: Backlog Manager
>            Assignee: Backlog Manager
>              Labels: fiware
>
> Created question in FIWARE Q/A platform on 01-09-2015 at 10:09
> {color: red}Please, ANSWER this question AT{color} https://stackoverflow.com/questions/32326937/how-to-authenticate-a-java-web-app-with-keyrock
> +Question:+
> How to authenticate a java web app with KeyRock?
> +Description:+
> We are trying to create a user authentication in our web app ( that we are developing in Java Spring MVC). For our authentication we want to use the token and user info acquired from the users fiware.lab account on global instance of keyrock.
> Since Keyrock is based on OAuth2 protocol, what is the best approach to use keyrock from our web app?
> Is there a java library that we could use for this purpose?
> Is there a way to integrate spring security or apache oltu?
> Every example would be more than welecome.
> We only have the implementation of node.js but we need a java version of this:
> var express = require('express');
> var OAuth2 = require('./oauth2').OAuth2;
> var config = require('./config');
> // Express configuration
> var app = express();
> app.use(express.logger());
> app.use(express.bodyParser());
> app.use(express.cookieParser());
> app.use(express.session({
>     secret: "skjghskdjfhbqigohqdiouk"
> }));
> app.configure(function () {
>     "use strict";
>     app.use(express.errorHandler({ dumpExceptions: true, showStack: true }));
>     //app.use(express.logger());
>     app.use(express.static(__dirname + '/public'));
> });
> // Config data from config.js file
> var client_id = config.client_id;
> var client_secret = config.client_secret;
> var idmURL = config.idmURL;
> var response_type = config.response_type;
> var callbackURL = config.callbackURL;
> // Creates oauth library object with the config data
> var oa = new OAuth2(client_id,
>                     client_secret,
>                     idmURL,
>                     '/oauth2/authorize',
>                     '/oauth2/token',
>                     callbackURL);
> // Handles requests to the main page
> app.get('/', function(req, res){
>     // If auth_token is not stored in a session cookie it sends a button to redirect to IDM authentication portal 
>     if(!req.session.access_token) {
>         res.send("Oauth2 IDM Demo.<br><br><button onclick='window.location.href=\"/auth\"'>Log in with FI-WARE Account</button>");
>     // If auth_token is stored in a session cookie it sends a button to get user info
>     } else {
>         res.send("Successfully authenticated. <br><br> Your oauth access_token: " +req.session.access_token + "<br><br><button onclick='window.location.href=\"/user_info\"'>Get my user info</button>");
>     }
> });
> // Handles requests from IDM with the access code
> app.get('/login', function(req, res){
>     // Using the access code goes again to the IDM to obtain the access_token
>     oa.getOAuthAccessToken(req.query.code, function (e, results){
>         // Stores the access_token in a session cookie
>         req.session.access_token = results.access_token;
>         res.redirect('/');
>     });
> });
> // Redirection to IDM authentication portal
> app.get('/auth', function(req, res){
>     var path = oa.getAuthorizeUrl(response_type);
>     res.redirect(path);
> });
> // Ask IDM for user info
> app.get('/user_info', function(req, res){
>     var url = config.idmURL + '/user/';
>     // Using the access token asks the IDM for the user info
>     oa.get(url, req.session.access_token, function (e, response) {
>         var user = JSON.parse(response);
>         res.send("Welcome " + user.displayName + "<br> Your email address is " + user.email + "<br><br><button onclick='window.location.href=\"/logout\"'>Log out</button>");
>     });
> });
> // Handles logout requests to remove access_token from the session cookie
> app.get('/logout', function(req, res){
>     req.session.access_token = undefined;
>     res.redirect('/');
> });
> console.log('Server listen in port 80. Connect to localhost');
> app.listen(80);
> Edit 1
> Here is my set up:
> and the end result error I get when I call the token:



--
This message was sent by Atlassian JIRA
(v6.4.1#64016)

Previous message: [Backlogmanager] [FIWARE-JIRA] (HELP-9498) [fiware-stackoverflow] access_token given by Oauth2 procedure is not authorized for accessing Orion FI-LAB
Next message: [Backlogmanager] [FIWARE-JIRA] (HELP-9489) [fiware-stackoverflow] Subscription in Orion Context Broker Fiware
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Backlogmanager mailing list

You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy