We have a requirement to authenticate the backend API, so how can we implement OAuth 2 in AEM as a client?
Thanks
Hi @georhe6
Please refer to:
OAuth 2.0 Server Functionalities in AEM — Deep Dive | How to Manage the Protected AEM Resources thro...
OAuth provider:
Client ID
Client Secret
Token Endpoint URL

    package com.wkend.aem.oauth;

    import java.net.URLEncoder;

    import org.apache.http.client.methods.CloseableHttpResponse;
    import org.apache.http.client.methods.HttpPost;
    import org.apache.http.entity.StringEntity;
    import org.apache.http.impl.client.CloseableHttpClient;
    import org.apache.http.impl.client.HttpClients;
    import org.apache.http.util.EntityUtils;
    import org.json.JSONObject;
    import org.osgi.service.component.annotations.Component;
    import org.osgi.service.component.annotations.Activate;
    import org.osgi.service.component.annotations.Modified;
    import org.osgi.service.metatype.annotations.Designate;
    import org.osgi.service.metatype.annotations.ObjectClassDefinition;

    @Component(service = OAuth2Client.class)
    @Designate(ocd = OAuth2Client.Config.class)
    public class OAuth2Client {

        @ObjectClassDefinition(name = "OAuth 2.0 Client Configuration")
        public @interface Config {
            String clientId();
            String clientSecret();
            String tokenEndpoint();
        }

        private String clientId;
        private String clientSecret;
        private String tokenEndpoint;

        // Reads the OSGi configuration on activation and on every config change.
        @Activate
        @Modified
        protected void activate(Config config) {
            this.clientId = config.clientId();
            this.clientSecret = config.clientSecret();
            this.tokenEndpoint = config.tokenEndpoint();
        }

        // Requests a token with the client_credentials grant and returns the access_token value.
        public String getAccessToken() throws Exception {
            try (CloseableHttpClient client = HttpClients.createDefault()) {
                HttpPost post = new HttpPost(tokenEndpoint);
                post.setHeader("Content-Type", "application/x-www-form-urlencoded");
                // URL-encode the credentials so reserved characters (&, =, +) cannot corrupt the form body.
                String body = "grant_type=client_credentials"
                        + "&client_id=" + URLEncoder.encode(clientId, "UTF-8")
                        + "&client_secret=" + URLEncoder.encode(clientSecret, "UTF-8");
                post.setEntity(new StringEntity(body));
                try (CloseableHttpResponse response = client.execute(post)) {
                    String responseBody = EntityUtils.toString(response.getEntity());
                    int status = response.getStatusLine().getStatusCode();
                    if (status != 200) {
                        // Report only the status code; the request body contains the client secret.
                        throw new IllegalStateException("Token request failed with HTTP " + status);
                    }
                    JSONObject jsonResponse = new JSONObject(responseBody);
                    return jsonResponse.getString("access_token");
                }
            }
        }
    }

    <jcr:root xmlns:sling="http://sling.apache.org/jcr/sling/1.0"
        xmlns:jcr="http://www.jcp.org/jcr/1.0"
        jcr:primaryType="sling:OsgiConfig"
        clientId="your-client-id"
        clientSecret="your-client-secret"
        tokenEndpoint="https://oauth-provider.com/token"/>
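Added example, not part of the reply above and not Adobe's or the poster's code: the `getAccessToken()` in the answer calls the token endpoint on every invocation, so this sketch caches the token for the lifetime reported in the standard `expires_in` field of the token response and refreshes it slightly early. The names `CachedTokenProvider` and `Token` and the 30-second skew are assumptions, and the `Supplier` stands in for the HTTP call.

```java
import java.time.Clock;
import java.time.Instant;
import java.util.function.Supplier;

/** Added example: caches a client-credentials token until shortly before it expires. */
public class CachedTokenProvider {

    /** Hypothetical holder for the two token-response fields used here. */
    public static final class Token {
        final String accessToken;
        final long expiresInSeconds;
        public Token(String accessToken, long expiresInSeconds) {
            this.accessToken = accessToken;
            this.expiresInSeconds = expiresInSeconds;
        }
    }

    private static final long SKEW_SECONDS = 30;  // assumed margin: refresh before real expiry
    private final Supplier<Token> fetcher;        // performs the real token-endpoint call
    private final Clock clock;
    private String cached;
    private Instant validUntil = Instant.MIN;

    public CachedTokenProvider(Supplier<Token> fetcher, Clock clock) {
        this.fetcher = fetcher;
        this.clock = clock;
    }

    /** Returns the cached token; fetches a new one only when none is held or it is nearly expired. */
    public synchronized String getAccessToken() {
        if (cached == null || !clock.instant().isBefore(validUntil)) {
            Token t = fetcher.get();
            cached = t.accessToken;
            // A lifetime shorter than the skew yields zero cache time, so the next call refetches.
            validUntil = clock.instant().plusSeconds(Math.max(0, t.expiresInSeconds - SKEW_SECONDS));
        }
        return cached;
    }

    public static void main(String[] args) {
        int[] calls = {0};
        // Constructed fetchers standing in for the HTTP POST to the token endpoint.
        CachedTokenProvider p = new CachedTokenProvider(
                () -> new Token("token-" + (++calls[0]), 3600), Clock.systemUTC());
        System.out.println(p.getAccessToken() + " " + p.getAccessToken() + " fetches=" + calls[0]);
        CachedTokenProvider shortLived = new CachedTokenProvider(
                () -> new Token("token-" + (++calls[0]), 10), Clock.systemUTC());
        System.out.println(shortLived.getAccessToken() + " " + shortLived.getAccessToken());
    }
}
```

In an OSGi service, the fetcher would wrap the HTTP request and also read `expires_in` from the JSON response; the cache should be cleared when the configuration is modified.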
Hi @Raja_Reddy,
Thanks for the response. Here in our case the backend API team is setting up the authorization, and AEM is acting as the client here.
OAuth Integration -AEM (as client) on Cloud Service | by Tushar Bias | Medium
This will be relevant for us, I guess.