I have scoured the internet and cannot find a good example to get started with a simple SPA that authenticates via an ajax POST to my dropwizard rest api. The doc on the site around authorisation is quite limited so I have no idea how to get started. Ideally I would like to authenticate, and receive a token in my client that I can then use to access other functions in my api. Can anyone help with this?
I found this example useful when implementing OAuth2 with Dropwizard: https://github.com/remmelt/dropwizard-oauth2-provider
For posting data with JQuery to the backend service you can refer to the documentation: http://api.jquery.com/jquery.post/
Related
I am developing an application and I am using Spring Security. My question is - is there a way to call the exact logic that is run when I send a post request to /login (default), but from within the programme?
Normally, I post my LoginUserDto object to /login endpoint to login. However, I am implementing facebook login now, so I am constructing my LoginUserDto on the server side from whatever data I get from facebook based on user's access token. Now I just need to call the same logic that I would normally call with the rest call to /login, but from within the code in order to return tokens.
Does anyone know how this can be done?
Thanks
You should look at Spring Security 5's inbuilt support for OAuth2, as this will be the easiest way to incorporate Facebook as an external Authorization Server. There is some good documentation which walks through what is necessary via OAuth2 Login. Additionally, I found working with the oauth2login sample code from the Spring Security Repository extremely helpful to understand how the application should be configured, and it has a section for integrating with Facebook.
I'm starting a new project with Spring boot as backend and React.js as frontent.
Right now I'm struggling with Login/Authentication issue. I would like to provide Account-Kit from facebook but have few queries.
One of them is from where should I create a request to FB sdk for access token? Should it be server (spring), or react which then posts that data to server? Is it possible to call Accout-Kit from java?
I'm quite new to the topic and would be grateful for any answer.
You should call AccountKit from your client side js. For additional security, you can use code flow (instead of token flow) and pass the code to your server side. From there you can make a REST call to the Graph API and exchange that code + app secret for a token from server side. There is an example on the documentation that shows this flow using node.js, you should be able to make some server side changes to make it run on your setup.
Also, have you tried using react-account-kit-web?
I am looking for building an iOS/Android and Angular app with Java at the backend(REST API). Java will use spring framework. I am looking for the options for User authentication. iOS/Android App will be used by the client and Angular web app will be used my management. Angular web users will have different roles so requirement requires authentication(email and password) as well as authorization. Considering this I was thinking of using Spring Security with a custom UserDetailService. However I guess that will have issues with cookies. I looked into AWS Cognito Identity and Firebase and got more confused. It will be a great help if someone can share there experience with such requirement.
i had created basic login application in angular application by referring the links:
http://jasonwatmore.com/post/2015/03/10/angularjs-user-registration-and-login-example-tutorial
and i have used cakePHP3 for rest API generation and Token is generated on the the basis of JWT, JSON Web Token (JWT) is a JSON-based open standard used for passing claims between two parties in the context of web application environment. These token are specially designed to be very compact and URL safe. Their usability in the context of web browser single sign-on is also remarkable. JWT claims are useful for passing identities’ verification between service providers and identity providers. you'll find the reference links on internet.
for android and IOS you need to learn JSON parsing first. In android, JSON parsing can be done using OKHttpclient/Volley "android hive" is best site to learn jsonParsing and in IOS jsonParsing can be done using AFNetworking.
Hope this will help you.
The Ideal Project for you is Spring Security OAuth2. With this you can make your REST API Stateless and no need to worry about Cookies and Sessions.
I am developing a application which uses Spring Rest services. I am using basic auth for authentication. I know that it is unsecure. My end client are capable of handling OAuth. I want to use OAuth, can any one point me to how to do OAuth in Java. I saw some examples they mention about Twitter , Google and Facebook.But I don't want to use social networking sites.
OAuth is a concept, and not any library which you can inject, (of course libraries exists to implement that)
So if you want to have OAuth in your application (i.e your application has its own OAuth), you have to setup following things
Authentication Server
Provide Provision to Manage OAuth Clients
Manage AccessTokens
Check out the OAuth 2.0 Specification to get clear understanding of how it works and how to build your own.
https://www.rfc-editor.org/rfc/rfc6749
I'm a Core Java developer and only just starting to learn J2EE and have to develop a Client Test Stub that will test sending HTTP Requests and receiving Server Sent Events from a REST interface. My knowledge of REST is summed up by knowing the acronym and that's it. Can anyone point me in a "learner friendly" direction to get something up and running? So many options but being familiar with Java - I'm better off trying to keep it simple. Any ideas for a starting point for "an extreme beginner"?
You might want to check out Apache HttpClient. This gives you access to a nice and complete Http library with which you could start to build up all the methods (GET, POST, DELETE, PUT) to connect with your REST service.
Good Luck.
Spring RestTemplate class could be useful. Here is simple usage guide at official site page e.g. retrieving RESTful service response as Java-object.
Wrapper response = new RestTemplate().getForObject("http://any-api-url", Wrapper.class)