OAuth2 got easy

Oauth2 sup­port ex­ists in Eclipse Vert.x since ver­sion 3.2.0. The im­ple­men­ta­tion fol­lows the prin­ci­ples that rule the whole vert.x ecosys­tem: un­opin­ion­ated, it does what you want it to do, sim­ple but not too sim­ple.

This works fine be­cause OAuth2 is a widely spread stan­dard and ven­dors ad­here to it quite well. How­ever due to the API and the de­tails of the spec­i­fi­ca­tion it re­quires some knowl­edge on what kind of flow your ap­pli­ca­tion needs to sup­port, what are the end­points for au­tho­riz­ing and get­ting to­kens. This in­for­ma­tion, even though eas­ily ac­ces­si­ble to any­one who’s got the time and will, to read the ven­dor doc­u­men­ta­tion is easy to find, but it means that de­vel­op­ers would need to spend time in a non-​project problem-​related task.

Vert.x thrives for being fast and pro­duc­tive, so what if we could help you fo­cus­ing on your de­vel­op­ment tasks rather than read­ing Oauth2 provider doc­u­men­ta­tion? This is what you can ex­pect for the next re­lease.

Out of the box you will find out that you can in­stan­ti­ate an OAuth2 provider as easy as:

Provider.create(vertx, clientId, clientSecret)

That’s it! sim­ple, to the point, sure it makes some as­sump­tions, it as­sumes that you want to use the ”AUTH_CODE” flow which is what you nor­mally do for web ap­pli­ca­tions with a back­end.

The sup­ported Provider im­ple­men­ta­tions will con­fig­ure the base API (which will be still avail­able) with the cor­rect URLs, scope en­cod­ing scheme or extra con­fig­u­ra­tion such as ”shopId”/”GUID” for Shopify/Azure AD.

So what sup­ported Providers can you al­ready find?

That’s a hand­ful of Providers, but there is more. Say that you want to en­sure that your SSL con­nec­tions are valid and want to con­trol the cer­tifi­cate val­i­da­tion. Every provider also ac­cepts a Http­Clien­tOp­tions ob­ject that will be used in­ter­nally when con­tact­ing your provider, so in this case, you have full se­cu­rity con­trol of your con­nec­tion, not just de­faults.

You can ex­pect this new code to land for 3.4 as it is not avail­able in the cur­rent re­lease (3.3.3).

Next post

Getting started with new fabric8 Vert.x Maven Plugin

The all new fabric8 Vert.x Maven Plugin allows you to setup, package, run, start, stop and redeploy easily with a very little configuration resulting in a less verbose pom.xml.

Read more
Previous post

Vert.x featuring Continuous Delivery with Jenkins and Ansible

This blog entry describes an approach to adopt Continuous Delivery for Vert.x applications using Jenkins and Ansible by taking advantage of the Jenkins Job DSL and Ansible plugins.

Read more
Related posts

Unit and Integration Tests

Let’s refresh our mind about what we developed so far in the introduction to vert.x series. We forgot an important task. We didn’t test the API.

Read more

Contract Driven REST Services with Vert.x3

We see a new trend in development where we are shifting from developing applications to APIs. More and more we see services being offered as REST APIs that we are allowed to consume.

Read more

Combine vert.x and mongo to build a giant

This blog post is part of the introduction to Vert.x series. We are now going to replace this JDBC client by the vertx-mongo-client, and thus connect to a Mongo database.

Read more