How to Implement OAuth 2.0 in AEM as the Client Application | AEMasCS | Community

2 replies

Raja_Reddy
Community Advisor
November 14, 2024

Hi @georhe6,
Please refer to:
OAuth 2.0 Server Functionalities in AEM — Deep Dive | How to Manage the Protected AEM Resources through OAuth 2.0 | by Albin Issac | Tech Learnings | Medium
OAuth provider:
Client ID
Client Secret
Token Endpoint URL

package com.wkend.aem.oauth;

import java.io.IOException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;

import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
import org.json.JSONObject;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Modified;
import org.osgi.service.metatype.annotations.Designate;
import org.osgi.service.metatype.annotations.ObjectClassDefinition;

@Component(service = OAuth2Client.class)
@Designate(ocd = OAuth2Client.Config.class)
public class OAuth2Client {

    @ObjectClassDefinition(name = "OAuth 2.0 Client Configuration")
    public @interface Config {
        String clientId();
        String clientSecret();
        String tokenEndpoint();
    }

    private String clientId;
    private String clientSecret;
    private String tokenEndpoint;

    // Re-read the OSGi configuration on activation and on every change.
    @Activate
    @Modified
    protected void activate(Config config) {
        this.clientId = config.clientId();
        this.clientSecret = config.clientSecret();
        this.tokenEndpoint = config.tokenEndpoint();
    }

    // Requests a token with the client_credentials grant and returns the access_token value.
    public String getAccessToken() throws Exception {
        try (CloseableHttpClient client = HttpClients.createDefault()) {
            HttpPost post = new HttpPost(tokenEndpoint);
            post.setHeader("Content-Type", "application/x-www-form-urlencoded");
            // URL-encode the credentials so characters such as '&', '=' or '+' cannot alter the form body.
            String utf8 = StandardCharsets.UTF_8.name();
            String body = "grant_type=client_credentials"
                    + "&client_id=" + URLEncoder.encode(clientId, utf8)
                    + "&client_secret=" + URLEncoder.encode(clientSecret, utf8);
            post.setEntity(new StringEntity(body, StandardCharsets.UTF_8));
            try (CloseableHttpResponse response = client.execute(post)) {
                // Fail on error responses instead of parsing them as a token response.
                int status = response.getStatusLine().getStatusCode();
                if (status != 200) {
                    throw new IOException("Token endpoint returned HTTP " + status);
                }
                String responseBody = EntityUtils.toString(response.getEntity());
                JSONObject jsonResponse = new JSONObject(responseBody);
                return jsonResponse.getString("access_token");
            }
        }
    }
}

 

<jcr:root xmlns:sling="http://sling.apache.org/jcr/sling/1.0"
    xmlns:jcr="http://www.jcp.org/jcr/1.0"
    jcr:primaryType="sling:OsgiConfig"
    clientId="your-client-id"
    clientSecret="your-client-secret"
    tokenEndpoint="https://oauth-provider.com/token"/>
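The getAccessToken() method in the reply above sends the client secret to the token endpoint on every call. The following is an added example, not code from this thread or from the linked articles, of an expiry-aware cache that could sit in front of such a call so the secret is only sent when a new token is needed. CachedAccessToken, TokenResponse, TokenFetcher, the 30-second margin and the one-day cap are hypothetical names and values, and Java 17 is assumed for the record syntax.

```java
import java.time.Clock;
import java.time.Duration;
import java.time.Instant;

public final class CachedAccessToken {
    /** Hypothetical type: the access_token and expires_in fields of a token response. */
    public record TokenResponse(String accessToken, long expiresInSeconds) {}

    /** Hypothetical hook wrapping the HTTP call to the token endpoint. */
    public interface TokenFetcher { TokenResponse fetch() throws Exception; }

    private static final Duration SKEW = Duration.ofSeconds(30); // assumed refresh margin
    private static final long MAX_TTL = 86_400;                  // assumed upper bound, seconds
    private final TokenFetcher fetcher;
    private final Clock clock;
    private String token;
    private Instant refreshAt = Instant.MIN;

    public CachedAccessToken(TokenFetcher fetcher, Clock clock) {
        this.fetcher = fetcher;
        this.clock = clock;
    }

    /** Returns the cached token; fetches only when none is held or it is close to expiry. */
    public synchronized String get() throws Exception {
        Instant now = clock.instant();
        if (token == null || !now.isBefore(refreshAt)) {
            TokenResponse r = fetcher.fetch();
            if (r == null || r.accessToken() == null || r.accessToken().isEmpty()) {
                throw new IllegalStateException("token endpoint returned no access_token");
            }
            // Never keep a token past the lifetime the server granted.
            long ttl = Math.max(0, Math.min(r.expiresInSeconds(), MAX_TTL));
            Duration keep = Duration.ofSeconds(ttl).minus(SKEW);
            refreshAt = keep.isNegative() ? now : now.plus(keep);
            token = r.accessToken();
        }
        return token;
    }

    /** Drops the cached token, for example after the API rejects it with 401. */
    public synchronized void invalidate() { token = null; refreshAt = Instant.MIN; }

    public static void main(String[] args) throws Exception {
        int[] calls = {0}; // constructed fetcher standing in for the real token request
        CachedAccessToken cache = new CachedAccessToken(
                () -> new TokenResponse("token-" + (++calls[0]), 3600), Clock.systemUTC());
        System.out.println(cache.get().equals(cache.get())); // second get() reuses the cache
        cache.invalidate();
        System.out.println(cache.get()); // fetched again after invalidate()
    }
}
```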



georhe6 (Author)
Level 4
November 15, 2024

Hi @raja_reddy,

Thanks for the response. In our case, the backend API team is setting up the authorization, and AEM is acting as the client here.

OAuth Integration -AEM (as client) on Cloud Service | by Tushar Bias | Medium
This will be relevant for us, I guess.

kautuk_sahni
Community Manager
March 5, 2025

@georhe6 Did you find the suggestion helpful? Please let us know if you need more information. If a response worked, kindly mark it as correct for posterity; alternatively, if you found a solution yourself, we’d appreciate it if you could share it with the community. Thank you!

Kautuk Sahni