Skip to content

Flexible OAuth2 server library. Support for multiple frameworks

License

Notifications You must be signed in to change notification settings

mrvik/kotlin-oauth2-server

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Kotlin OAuth2 server

Goal

The goal of this project is to provide a simple OAuth2 library which can be implemented in any framework

Configuring the oauth2 server for any framework should be simple and understandable. It encourages to adapt to existing implementations instead the other way around.

Frameworks

Setup

Packages are hosted on GitHub. Authentication is required.

Maven

<properties>
    <myndocs.oauth.version>0.7.0</myndocs.oauth.version>
</properties>

<dependencies>
    <dependency>
        <groupId>nl.myndocs</groupId>
        <artifactId>oauth2-server-core</artifactId>
        <version>${myndocs.oauth.version}</version>
    </dependency>
    
    <!-- In memory dependencies -->
    <dependency>
        <groupId>nl.myndocs</groupId>
        <artifactId>oauth2-server-client-inmemory</artifactId>
        <version>${myndocs.oauth.version}</version>
    </dependency>
    <dependency>
        <groupId>nl.myndocs</groupId>
        <artifactId>oauth2-server-identity-inmemory</artifactId>
        <version>${myndocs.oauth.version}</version>
    </dependency>
    <dependency>
        <groupId>nl.myndocs</groupId>
        <artifactId>oauth2-server-token-store-inmemory</artifactId>
        <version>${myndocs.oauth.version}</version>
    </dependency>
</dependencies>

Gradle

dependencies {
    implementation "nl.myndocs:oauth2-server-core:$myndocs_oauth_version"
    // In memory dependencies
    implementation "nl.myndocs:oauth2-server-client-inmemory:$myndocs_oauth_version"
    implementation "nl.myndocs:oauth2-server-identity-inmemory:$myndocs_oauth_version"
    implementation "nl.myndocs:oauth2-server-token-store-inmemory:$myndocs_oauth_version"
}

Framework implementation

The following frameworks are supported:

Configuration

Routing

Default endpoints are configured:

Type Relative url
token /oauth/token
authorize /oauth/authorize
token info /oauth/tokeninfo

These values can be overridden:

tokenEndpoint = "/custom/token"
authorizationEndpoint = "/custom/authorize"
tokenInfoEndpoint = "/custom/tokeninfo"

In memory

In memory implementations are provided to easily setup the project.

Identity

On the InMemoryIdentity identities can be registered. These are normally your users:

identityService = InMemoryIdentity()
    .identity {
        username = "foo-1"
        password = "bar"
    }
    .identity {
        username = "foo-2"
        password = "bar"
    }

Client

On the InMemoryClient clients can be registered:

clientService = InMemoryClient()
    .client {
        clientId = "app1-client"
        clientSecret = "testpass"
        scopes = setOf("admin")
        redirectUris = setOf("https://localhost:8080/callback")
        authorizedGrantTypes = setOf(
                AuthorizedGrantType.AUTHORIZATION_CODE,
                AuthorizedGrantType.PASSWORD,
                AuthorizedGrantType.IMPLICIT,
                AuthorizedGrantType.REFRESH_TOKEN
        )
    }
    .client {
            clientId = "app2-client"
            clientSecret = "testpass"
            scopes = setOf("user")
            redirectUris = setOf("https://localhost:8080/callback")
            authorizedGrantTypes = setOf(
                    AuthorizedGrantType.AUTHORIZATION_CODE
            )
        }

Token store

The InMemoryTokenStore stores all kinds of tokens.

tokenStore = InMemoryTokenStore()

Converters

Access token converter

By default UUIDAccessTokenConverter is used. With a default time-out of 1 hour. To override the time-out for example to half an hour:

accessTokenConverter = UUIDAccessTokenConverter(1800)

To use JWT include the following dependency:

<dependency>
    <groupId>nl.myndocs</groupId>
    <artifactId>oauth2-server-jwt</artifactId>
    <version>${myndocs.oauth.version}</version>
</dependency>

This uses auth0 jwt. To configure:

accessTokenConverter = JwtAccessTokenConverter(
        algorithm = Algorithm.HMAC256("test123"), // mandatory
        accessTokenExpireInSeconds = 1800, // optional default 3600
        jwtBuilder = DefaultJwtBuilder // optional uses DefaultJwtBuilder by default
)

Refresh token converter

By default UUIDRefreshTokenConverter is used. With a default time-out of 1 hour. To override the time-out for example to half an hour:

refreshTokenConverter = UUIDRefreshTokenConverter(1800)

To use JWT include the following dependency:

<dependency>
    <groupId>nl.myndocs</groupId>
    <artifactId>oauth2-server-jwt</artifactId>
    <version>${myndocs.oauth.version}</version>
</dependency>

This uses auth0 jwt. To configure:

refreshTokenConverter = JwtRefreshTokenConverter(
        algorithm = Algorithm.HMAC256("test123"), // mandatory
        refreshTokenExpireInSeconds = 1800, // optional default 86400
        jwtBuilder = DefaultJwtBuilder // optional uses DefaultJwtBuilder by default
)

Code token converter

By default UUIDCodeTokenConverter is used. With a default time-out of 5 minutes. To override the time-out for example 2 minutes:

codeTokenConverter = UUIDCodeTokenConverter(120)

About

Flexible OAuth2 server library. Support for multiple frameworks

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Kotlin 100.0%