We have an App Engine flex Java REST API and want it to be secured with Google Cloud Endpoints. We have successfully done this with API key,
but we want to do it with JWT.
Our consumer for API is outside of Cloud and doesn't have a Google account. In the official documentation for App Engine flex, it has examples for API key but not for JWT. We have gone through (docs) but couldn't find anything for Java.
Related
I have an web application whcih allows only google users and uses spring-boot-starter-oauth2-client to obtain authentication. I want to integrate Google API into my application, but all examples using its onw Oath2 process to authenticate user. How can I reuse existing spring boot google login for interaction with google API services?
Thanks!
You have to use the spring-boot-starter-oauth2-client dependency that allows the client registration for oauth2 providers, but before that it's necessary the client-id and client-secret provided by your oauth2 provider (such google). Here's a nice guide of how do that.
I am creating a native android application and I am using keycloak authentication, because my web app and my API is already configured with keycloak. I setup Facebook and Google as identity providers for keycloak but now I don't know how I am supposed to configure it in the Android application.
For the general authentication I am using retrofit with rest calls to get the token and after that I am storing the token in Android Account manager.
I want my android app to successfully authenticate via Facebook or Google through Keycloak. Any suggestions, please?
The answer is that I should use the keycloak functionality for token exchange from external to internal. See for more details: https://github.com/keycloak/keycloak-documentation/blob/master/securing_apps/topics/token-exchange/token-exchange.adoc.
AWS Cognito primarly meant for Serverless user authentication from Mobile or Web application (Javascript).
The primary concern is that, we need to do client implementation for each of the client like Android, IOS and Javascript.
Instead of that can we have spring boot server which will expose a login/signup/action rest endpoint for all the above clients where the spring boot will authenticate/signup with Congnito on behalf of the clients and send the access_token response back to the client. This way, Conginto integration will be done only in one place which is the Spring boot application.
Can we go ahead with this approach? Does AWS SDK supports Java for cognito access from Server?
Here's an article which shows an example of implementing a Spring boot application that is able to authenticate the user against Amazon Cognito using OAuth 2.0 authorization code grant and JSON Web Tokens.
This github repo contains the example code in Kotlin
Probably, this is in some ways, similar to your usecase.
We are in the process of building a new web application and have decided our technology stack will use many AWS services, Java-Spring, and Angular2. We plan to also build iOS and Android apps in the future so I love the features that Cognito provides. However, I can't seem to find any good documentation/examples of Angular2/Java applications using Cognito. The sample apps seem to be strictly front-end or backend. How do I authenticate via Cognito in Angular2, while also checking Cognito user permissions in the back-end Java/Spring app? I need to authenticate my restful endpoints against the user logged in from Angular.
I work in a project using GAE.
I have a GAE app that consume Rest services from others GAE apps (this apps uses different Google Apis with 2LO oauth2, eg: one app uses Gcalendar Api, other Gmail Api, ...). The REST apps are in Java and use GoogleCredential for consume Google Apis. All the apps are in same domain (Company is own of all projects).
I need migrate the principal GAE app (also in Java) from 2LO Oauth 1 to 2LO Oauth2.
I see this example but not is 2LO. https://code.google.com/p/google-oauth-java-client/wiki/Samples
Can I use Credential from Google-Oauth-api or GoogleCredential? Or GoogleCredential is only for Google Apis?
Thanks.
This [1] is the 2LO OAuth 2.0 implementation of Google OAuth you can use on App Engine and is usually refereed as the OAuth for Server to Server Applications on public documentation. This method requires of a Service Account that you can obtain on the Google Developers Console of your app. More info here [2].
[1] https://developers.google.com/accounts/docs/OAuth2ServiceAccount
[2] https://developers.google.com/api-client-library/java/google-api-java-client/app-engine