Authentication to REST API with OAuth2
Hi, I'm using REST API within a Web Java App to get query results which works great but the next step is to authenticate without having to use user's passwords.
Is using OAuth2 to authenticate, the best way to do it ?
I've tried it and so far I can't get the response that will give me the authorization code to get the access token via Java code. When I try with http requests, it's ok but I have to accept (through oauth2Grant.jsp button), but I am missing something with using it with a Java HttpURLConnection…
I think there are several others solutions that fit better to your case. As you do not want to add any new user authentication step:
if your queries are executed server side on the same host, the easiest way is to use nuxeo-platform-login-portal-sso. A simple query header with a shared secret and the authenticated username.
if your queries are server side without a DMZ, you have to sign the request to ensure it goes safe. In this case i'll recommend you to use Oauth1 2 legged. Take a look to this jersey client filter to see how to handle it: https://github.com/nuxeo/nuxeo.io-manager/blob/master/nuxeo-io-manager/src/main/java/org/nuxeo/io/connect/OauthAuthFilter.java.
if your queries are client <-> server, you can use nuxeo-platform-login-token, when authenticating a user; you'll ask Nuxeo to give you a token that you'll add to each user requests.
I was wondering if i could use it with a HttpURLConnection for a REST API request (…/nuxeo/api/v1) - JSON request, but I didn't know how to integrate it for the connection authorization. I'm going to look further, any hints ?
- Add expected headers
- Ensure you have the right authentication plugin in your chain
See below this well documented page: https://answers.nuxeo.com/general/q/7aa5aa168f3a41bcbf346fd4159e5eae/How-do-I-integrate-with-nuxeo-platform-login-portal-sso-in-my-portal