Tag: OAuth2

[Federated Authentication] Integration OpenAM with WSO2IS using Openid-Connect

In my previous blog post, we went through how you can configure a SAML2 SSO web application with Identity Server. Users authenticate to Identity Server by providing a username/password. This username/password must be authenticated against the enterprise user store that is deployed with Identity Server. Therefore, only the users who are in the enterprise user store […]

Openid-connect support with OpenAM

In my previous blog, we tried out the OpenID Connect support in WSO2IS. Now let's try it out with OpenAM. As OpenAM supports the password grant type with OpenID Connect, we are just going to try that for now. Step 1. Deploy OpenAM and start the OpenAM server. Please find important guidelines on deploying OpenAM in Apache Tomcat […]

Validate and Process JWT tokens with Java

Let's see how we can process and validate a JWT token using simple Java code. We have generated a sample JWT token from WSO2IS. You can find it in the following: eyJ0eXAiOiJKV1QiLCJhbGciOiJTSEEyNTZ3aXRoUlNBIiwieDV0IjoiTm1KbU9HVXhNelpsWWpNMlpEUmhOVFpsWVRBMVl6ZGhaVFJpT1dFME5XSTJNMkptT1RjMVpBIn0.[…].d57VGVAhZmTpIMl8hiIUO8D7hAZl-bZm5TnDW9si3qnHFliMHsxlE6HJ7bSjmoobIgdqJ7xToWtOm2orrQKFxzF4xxkpNeU1-qGFoG6-IyRF-JAJao0xq6WIGk8fR2BSN_zxsNbR84-3FMWd6mljPnImWYLe_8mOBFyDcsuDCkk It has been signed using RS256 (RSA algorithm using SHA-256). WSO2IS uses its primary keystore to sign the JWT token. By default […]

Custom grant type with OAuth 2.0

OAuth 2.0 Authorization servers support four main grant types according to the specification. The specification also gives the flexibility to support custom grant types. Today, I am going to implement a custom grant type for an OAuth 2.0 Authorization server. We are also going to see how we can extend the behavior of default […]

Authorization for APIs with XACML and OAuth 2.0

In this blog post, let's see how we can implement XACML to authorize APIs. I hope you are familiar with OAuth 2.0, so let's go directly through the diagram. An OAuth access token is granted to the application by the OAuth Authorization Server. The application can use the access token to access the API resources in […]

Client Credential Grant Type with OAuth 2.0

Of the four major grant types in the OAuth 2.0 specification, client credentials is the simplest one. It can be used as an authorization grant when the authorization scope is limited to the protected resources under the control of the client, that is, when the client owns the resources. It means that the client would be the […]