Skip to content
Flexible OAuth2 server library. Support for multiple frameworks
Branch: develop
Clone or download
Latest commit e4133ad Feb 12, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github/ISSUE_TEMPLATE
docs
oauth2-server-client-inmemory
oauth2-server-core
oauth2-server-http4k
oauth2-server-identity-inmemory snapshot Feb 12, 2019
oauth2-server-javalin snapshot Feb 12, 2019
oauth2-server-json
oauth2-server-jwt snapshot Feb 12, 2019
oauth2-server-ktor snapshot Feb 12, 2019
oauth2-server-sparkjava
oauth2-server-token-store-inmemory
.gitignore
Jenkinsfile Fix indenting Feb 12, 2019
LICENSE
README.md
pom.xml

README.md

Kotlin OAuth2 server

Goal

The goal of this project is to provide a simple OAuth2 library which can be implemented in any framework

Configuring the oauth2 server for any framework should be simple and understandable. It encourages to adapt to existing implementations instead the other way around.

Frameworks

Setup

Maven

First define the version to be used and set it as a property

<properties>
    <myndocs.oauth.version>0.5.0</myndocs.oauth.version>
</properties>

Include the following repository in order to download the artifacts

<repositories>
    <repository>
        <id>myndocs-oauth2</id>
        <url>https://dl.bintray.com/adhesivee/oauth2-server</url>
    </repository>
</repositories>

For the frameworks examples we need at least the following dependencies:

<dependency>
    <groupId>nl.myndocs</groupId>
    <artifactId>oauth2-server-core</artifactId>
    <version>${myndocs.oauth.version}</version>
</dependency>

<!-- In memory dependencies -->
<dependency>
    <groupId>nl.myndocs</groupId>
    <artifactId>oauth2-server-client-inmemory</artifactId>
    <version>${myndocs.oauth.version}</version>
</dependency>
<dependency>
    <groupId>nl.myndocs</groupId>
    <artifactId>oauth2-server-identity-inmemory</artifactId>
    <version>${myndocs.oauth.version}</version>
</dependency>
<dependency>
    <groupId>nl.myndocs</groupId>
    <artifactId>oauth2-server-token-store-inmemory</artifactId>
    <version>${myndocs.oauth.version}</version>
</dependency>

Framework implementation

The following frameworks are supported:

Configuration

Routing

Default endpoints are configured:

Type Relative url
token /oauth/token
authorize /oauth/authorize
token info /oauth/tokeninfo

These values can be overridden:

tokenEndpoint = "/custom/token"
authorizationEndpoint = "/custom/authorize"
tokenInfoEndpoint = "/custom/tokeninfo"

In memory

In memory implementations are provided to easily setup the project.

Identity

On the InMemoryIdentity identities can be registered. These are normally your users:

identityService = InMemoryIdentity()
    .identity {
        username = "foo-1"
        password = "bar"
    }
    .identity {
        username = "foo-2"
        password = "bar"
    }

Client

On the InMemoryClient clients can be registered:

clientService = InMemoryClient()
    .client {
        clientId = "app1-client"
        clientSecret = "testpass"
        scopes = setOf("admin")
        redirectUris = setOf("https://localhost:8080/callback")
        authorizedGrantTypes = setOf(
                AuthorizedGrantType.AUTHORIZATION_CODE,
                AuthorizedGrantType.PASSWORD,
                AuthorizedGrantType.IMPLICIT,
                AuthorizedGrantType.REFRESH_TOKEN
        )
    }
    .client {
            clientId = "app2-client"
            clientSecret = "testpass"
            scopes = setOf("user")
            redirectUris = setOf("https://localhost:8080/callback")
            authorizedGrantTypes = setOf(
                    AuthorizedGrantType.AUTHORIZATION_CODE
            )
        }

Token store

The InMemoryTokenStore stores all kinds of tokens.

tokenStore = InMemoryTokenStore()

Converters

Access token converter

By default UUIDAccessTokenConverter is used. With a default time-out of 1 hour. To override the time-out for example to half an hour:

accessTokenConverter = UUIDAccessTokenConverter(1800)

To use JWT include the following dependency:

<dependency>
    <groupId>nl.myndocs</groupId>
    <artifactId>oauth2-server-jwt</artifactId>
    <version>${myndocs.oauth.version}</version>
</dependency>

This uses auth0 jwt. To configure:

accessTokenConverter = JwtAccessTokenConverter(
        algorithm = Algorithm.HMAC256("test123"), // mandatory
        accessTokenExpireInSeconds = 1800, // optional default 3600
        jwtBuilder = DefaultJwtBuilder // optional uses DefaultJwtBuilder by default
)

Refresh token converter

By default UUIDRefreshTokenConverter is used. With a default time-out of 1 hour. To override the time-out for example to half an hour:

refreshTokenConverter = UUIDRefreshTokenConverter(1800)

To use JWT include the following dependency:

<dependency>
    <groupId>nl.myndocs</groupId>
    <artifactId>oauth2-server-jwt</artifactId>
    <version>${myndocs.oauth.version}</version>
</dependency>

This uses auth0 jwt. To configure:

refreshTokenConverter = JwtRefreshTokenConverter(
        algorithm = Algorithm.HMAC256("test123"), // mandatory
        refreshTokenExpireInSeconds = 1800, // optional default 86400
        jwtBuilder = DefaultJwtBuilder // optional uses DefaultJwtBuilder by default
)

Code token converter

By default UUIDCodeTokenConverter is used. With a default time-out of 5 minutes. To override the time-out for example 2 minutes:

codeTokenConverter = UUIDCodeTokenConverter(120)
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.