We have a requirement to authenticate the backend api , so how can we Implement OAuth 2 in AEM as client.
Thanks
Topics help categorize Community content and increase your ability to discover relevant content.
Views
Replies
Total Likes
Hi @georhe6
Please refer
OAuth 2.0 Server Functionalities in AEM — Deep Dive | How to Manage the Protected AEM Resources thro...
OAuth provider:
Client ID
Client Secret
Token Endpoint URL
package com.wkend.aem.oauth;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
import org.json.JSONObject;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Modified;
import org.osgi.service.metatype.annotations.Designate;
import org.osgi.service.metatype.annotations.ObjectClassDefinition;
@Component(service = OAuth2Client.class)
@Designate(ocd = OAuth2Client.Config.class)
public class OAuth2Client {
@ObjectClassDefinition(name = "OAuth 2.0 Client Configuration")
public @interface Config {
String clientId();
String clientSecret();
String tokenEndpoint();
}
private String clientId;
private String clientSecret;
private String tokenEndpoint;
@Activate
@Modified
protected void activate(Config config) {
this.clientId = config.clientId();
this.clientSecret = config.clientSecret();
this.tokenEndpoint = config.tokenEndpoint();
}
public String getAccessToken() throws Exception {
try (CloseableHttpClient client = HttpClients.createDefault()) {
HttpPost post = new HttpPost(tokenEndpoint);
post.setHeader("Content-Type", "application/x-www-form-urlencoded");
String body = "grant_type=client_credentials&client_id=" + clientId + "&client_secret=" + clientSecret;
post.setEntity(new StringEntity(body));
try (CloseableHttpResponse response = client.execute(post)) {
String responseBody = EntityUtils.toString(response.getEntity());
JSONObject jsonResponse = new JSONObject(responseBody);
return jsonResponse.getString("access_token");
}
}
}
}
<jcr:root xmlns:sling="http://sling.apache.org/jcr/sling/1.0"
xmlns:jcr="http://www.jcp.org/jcr/1.0"
jcr:primaryType="sling:OsgiConfig"
clientId="your-client-id"
clientSecret="your-client-secret"
tokenEndpoint="https://oauth-provider.com/token"/>
Hi @Raja_Reddy ,
Thanks for the response , here in our case the backend api team is setting up the authorization . And AEM is acting as the client here.
OAuth Integration -AEM (as client) on Cloud Service | by Tushar Bias | Medium
this will be relevant for us I guess.
@georhe6 Did you find the suggestion helpful? Please let us know if you need more information. If a response worked, kindly mark it as correct for posterity; alternatively, if you found a solution yourself, we’d appreciate it if you could share it with the community. Thank you!
Views
Replies
Total Likes
Views
Likes
Replies
Views
Likes
Replies
Views
Likes
Replies
Views
Likes
Replies