Adobe Experience Manager Sites & More

georhe6 · 11/14/24

We have a requirement to authenticate the backend api , so how can we Implement OAuth 2 in AEM as client.

Thanks

Raja_Reddy · 11/14/24

Hi @georhe6
Please refer
OAuth 2.0 Server Functionalities in AEM — Deep Dive | How to Manage the Protected AEM Resources thro...
OAuth provider:
Client ID
Client Secret
Token Endpoint URL

package com.wkend.aem.oauth;

import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
import org.json.JSONObject;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Modified;
import org.osgi.service.metatype.annotations.Designate;
import org.osgi.service.metatype.annotations.ObjectClassDefinition;

@Component(service = OAuth2Client.class)
@Designate(ocd = OAuth2Client.Config.class)
public class OAuth2Client {

    @ObjectClassDefinition(name = "OAuth 2.0 Client Configuration")
    public @interface Config {
        String clientId();
        String clientSecret();
        String tokenEndpoint();
    }

    private String clientId;
    private String clientSecret;
    private String tokenEndpoint;

    @Activate
    @Modified
    protected void activate(Config config) {
        this.clientId = config.clientId();
        this.clientSecret = config.clientSecret();
        this.tokenEndpoint = config.tokenEndpoint();
    }

    public String getAccessToken() throws Exception {
        try (CloseableHttpClient client = HttpClients.createDefault()) {
            HttpPost post = new HttpPost(tokenEndpoint);
            post.setHeader("Content-Type", "application/x-www-form-urlencoded");

            String body = "grant_type=client_credentials&client_id=" + clientId + "&client_secret=" + clientSecret;
            post.setEntity(new StringEntity(body));

            try (CloseableHttpResponse response = client.execute(post)) {
                String responseBody = EntityUtils.toString(response.getEntity());
                JSONObject jsonResponse = new JSONObject(responseBody);
                return jsonResponse.getString("access_token");
            }
        }
    }
}

<jcr:root xmlns:sling="http://sling.apache.org/jcr/sling/1.0"
          xmlns:jcr="http://www.jcp.org/jcr/1.0"
          jcr:primaryType="sling:OsgiConfig"
          clientId="your-client-id"
          clientSecret="your-client-secret"
          tokenEndpoint="https://oauth-provider.com/token"/>

georhe6 · 11/15/24

Hi @Raja_Reddy ,

Thanks for the response , here in our case the backend api team is setting up the authorization . And AEM is acting as the client here.

OAuth Integration -AEM (as client) on Cloud Service | by Tushar Bias | Medium
this will be relevant for us I guess.

kautuk_sahni · 3/4/25

@georhe6 Did you find the suggestion helpful? Please let us know if you need more information. If a response worked, kindly mark it as correct for posterity; alternatively, if you found a solution yourself, we’d appreciate it if you could share it with the community. Thank you!

Adobe Experience Manager Sites & More

How to Implement OAuth 2.0 in AEM as the Client Application | AEMasCS

Kautuk Sahni

Learn

Documentation

Events

Community

Support

Resources

Adobe account

Adobe