Learn about the basics of OAuth 2.0 and the different OAuth flows in this introductory video. Understand how OAuth works and the various authorization mechanisms involved.
Size: 33.3 MB
Language: en
Added: May 18, 2024
Slides: 31 pages
Slide Content
Patna MuleSoft Meetup #29: Introduction to OAuth 2.0 and OAuth Flows
Agenda
- Introduction to OAuth 2.0
- OAuth 2.0 flows
- OAuth 2.0 components
- How OAuth 2.0 scopes specify which resources or actions a client application can access on behalf of the resource owner
- Implementation
- Benefits of OAuth 2.0
- Demo
- Trivia quiz
Organizers: Om Prakash, Shyam Raj Prasad, Amit Mohan
Safe Harbour Statement: Both the speaker and the host are organizing this meetup in an individual capacity only; we are not representing our companies here. This presentation is strictly for learning purposes. The organizers and presenter do not take any responsibility that the same solution will work for your business requirements. This presentation is not meant for any promotional activities.
Housekeeping: A recording of this meetup will be uploaded to the events page within 24 hours. Questions can be submitted at any time in the Chat or Questions & Answers tab. Make it more interactive! Share your feedback: rate this meetup session by filling in the feedback form at the end of the day. We love feedback!
Speaker: Rupmita Kundu, working as Senior Engineer in Digital Engineering at NTT DATA; 5.5 years of experience in IT; Certified MuleSoft Developer.
OAuth 2.0 Introduction
Introduction to OAuth 2.0: OAuth 2.0, short for "Open Authorization 2.0," is an industry-standard authorization framework that enables third-party applications to access a user's data without needing the user's credentials. It allows users to grant limited access to their resources, such as photos, videos, or personal information, to other applications or websites without compromising their security.
OAuth 2.0 Components
- Client Application: the application that wants to access the user's data, often referred to simply as the "client".
- Resource Owner: the user who owns the data that the client wants to access.
- Authorization Server: the server that authenticates the user and issues access tokens after the user successfully authorizes the client application.
- Resource Server: the server that hosts the protected resources which the client application wants to access on behalf of the user.
- Authorization Grant: the credential representing the resource owner's authorization (e.g., username and password, authorization code, etc.).
- Access Token: a token that the client application presents to the resource server to access protected resources on behalf of the user.
- Scopes: define the specific permissions that the client is requesting.
OAuth 2.0 Authorization Flows
Authorization Code Grant
Description: This flow is designed for web applications where the client can securely store a client secret. It involves multiple steps: redirecting the user to the authorization server's authorization endpoint, the user authorizing the client, and the exchange of the returned authorization code for an access token.
Use case: Web applications accessing resources on behalf of a user.
Implicit Grant
Description: This flow is suitable for client-side applications such as single-page apps (SPAs) or mobile apps, where there is no secure storage for a client secret. It returns the access token directly to the client after user authentication and authorization.
Use case: Browser-based applications or mobile apps accessing resources on behalf of a user without a backend server.
OAuth 2.0 Authorization Flows
Client Credentials Grant
Description: This flow is used by confidential clients (those capable of keeping their client credentials confidential, typically server-side applications) to obtain an access token using their own credentials, not on behalf of a user.
Use case: Server-to-server communication where the client is acting on its own behalf.
Resource Owner Password Credentials Grant
Description: This flow allows a client to exchange the resource owner's (user's) credentials directly for an access token. It is considered less secure because the client has to handle the user's credentials.
Use case: Legacy or highly trusted applications where other flows are not feasible or practical.
OAuth 2.0 Authorization Flows
Refresh Token Grant
Description: This flow allows a client to obtain a new access token using a refresh token, typically without requiring the user to re-authenticate. It extends the validity of access tokens.
Use case: Long-lived sessions where access tokens need to be refreshed periodically without requiring the user to log in again.
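To make the back-channel grants on these slides concrete, the following is an added example written for this page (it is not code from the talk or from MuleSoft): a minimal in-memory authorization server in Python whose token endpoint handles the authorization_code, client_credentials and refresh_token grants, and whose authorization endpoint issues the single-use code that the code flow exchanges. The class and method names, the registered client "web-app" with its secret and redirect URI, the token lifetimes, and the rotation of the refresh token on every use are assumptions of the example, not something the slides specify. The implicit grant is not modelled, because it returns the token directly to the client in the front channel and the authorization code flow covers the same use case.

```python
"""Minimal in-memory OAuth 2.0 authorization server (added example).

Models the token endpoint for the authorization_code, client_credentials and
refresh_token grants described on the slides. Class and method names, token
lifetimes and refresh-token rotation are assumptions of this example.
"""
import hmac
import secrets
import time

CODE_TTL = 60            # authorization codes are single-use and short-lived
ACCESS_TOKEN_TTL = 3600  # seconds an access token stays valid


class OAuthError(Exception):
    """Carries an RFC 6749 error code such as 'invalid_grant'."""


class AuthorizationServer:
    def __init__(self):
        self.clients = {}   # client_id -> {secret, redirect_uri, scopes}
        self.codes = {}     # code -> {client_id, redirect_uri, scope, user, exp}
        self.tokens = {}    # access token -> {client_id, user, scope, exp}
        self.refresh = {}   # refresh token -> {client_id, user, scope}

    def register_client(self, client_id, secret, redirect_uri, scopes):
        """Register a confidential client and the scopes it may ask for."""
        self.clients[client_id] = {"secret": secret, "redirect_uri": redirect_uri,
                                   "scopes": set(scopes)}

    def _check_client(self, client_id, secret):
        client = self.clients.get(client_id)
        # constant-time comparison so a wrong secret leaks no timing information
        if (client is None or secret is None
                or not hmac.compare_digest(client["secret"], secret)):
            raise OAuthError("invalid_client")
        return client

    def _issue(self, client_id, user, scope, with_refresh):
        access = secrets.token_urlsafe(32)
        self.tokens[access] = {"client_id": client_id, "user": user, "scope": scope,
                               "exp": time.time() + ACCESS_TOKEN_TTL}
        out = {"access_token": access, "token_type": "Bearer",
               "expires_in": ACCESS_TOKEN_TTL, "scope": " ".join(sorted(scope))}
        if with_refresh:  # only user-delegated grants get a refresh token here
            rt = secrets.token_urlsafe(32)
            self.refresh[rt] = {"client_id": client_id, "user": user, "scope": scope}
            out["refresh_token"] = rt
        return out

    # Authorization endpoint (front channel): called once the resource owner has
    # authenticated and consented; returns the code sent back via the redirect.
    def authorize(self, client_id, redirect_uri, scope, user):
        client = self.clients.get(client_id)
        if client is None or client["redirect_uri"] != redirect_uri:
            raise OAuthError("invalid_request")  # redirect_uri must match registration
        wanted = set(scope.split())
        if not wanted <= client["scopes"]:
            raise OAuthError("invalid_scope")
        code = secrets.token_urlsafe(24)
        self.codes[code] = {"client_id": client_id, "redirect_uri": redirect_uri,
                            "scope": wanted, "user": user, "exp": time.time() + CODE_TTL}
        return code

    # Token endpoint (back channel): the client authenticates with its secret.
    def token(self, grant_type, client_id, client_secret, **params):
        client = self._check_client(client_id, client_secret)
        if grant_type == "authorization_code":
            entry = self.codes.pop(params.get("code"), None)  # pop: a code is single use
            if (entry is None or entry["exp"] < time.time()
                    or entry["client_id"] != client_id
                    or entry["redirect_uri"] != params.get("redirect_uri")):
                raise OAuthError("invalid_grant")
            return self._issue(client_id, entry["user"], entry["scope"], True)
        if grant_type == "client_credentials":
            wanted = set(params.get("scope", "").split()) or client["scopes"]
            if not wanted <= client["scopes"]:
                raise OAuthError("invalid_scope")
            return self._issue(client_id, None, wanted, False)  # no user involved
        if grant_type == "refresh_token":
            entry = self.refresh.pop(params.get("refresh_token"), None)  # rotate on use
            if entry is None or entry["client_id"] != client_id:
                raise OAuthError("invalid_grant")
            return self._issue(client_id, entry["user"], entry["scope"], True)
        raise OAuthError("unsupported_grant_type")


if __name__ == "__main__":
    # constructed walk-through of the authorization code flow
    srv = AuthorizationServer()
    srv.register_client("web-app", "s3cret", "https://app.example/cb", ["vendor1", "vendor2"])
    code = srv.authorize("web-app", "https://app.example/cb", "vendor1", user="alice")
    print(srv.token("authorization_code", "web-app", "s3cret",
                    code=code, redirect_uri="https://app.example/cb"))
```

The checks that matter are the ones a real authorization server must not skip: the client secret is compared in constant time, the redirect URI presented at the token endpoint has to equal the one the code was issued for, the code is removed from the store when it is first redeemed so a replay fails with invalid_grant, and a client-credentials token carries no user because no resource owner took part in that grant.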
How scopes restrict access to different resources: OAuth 2.0 scopes control access to different resources within an API. When a client requests access to an API endpoint, the access token issued by the OAuth 2.0 provider carries the scopes that were granted. When a request is made, Mule 4 automatically checks whether the access token contains the scopes required for the requested resource. If the required scopes are present, access is granted; otherwise, it is denied.
MuleSoft OAuth 2.0 Provider: The Mule OAuth 2.0 Provider is an OAuth 2.0 provider developed by MuleSoft. It allows you to configure your Mule application as an Authentication Manager in an OAuth 2.0 dance. In this role, your application can:
- Authenticate previously registered clients.
- Grant tokens.
- Validate tokens.
- Register and delete clients during the execution of a flow.
Demo
1. Configure the OAuth 2.0 Provider module: In Anypoint Platform, go to your Mule application and add the "OAuth 2.0 Provider" module to your project from Anypoint Exchange.
2. Configure the module by specifying parameters such as grant types, scopes, token endpoint, client store and token store.
3. Add OAuth 2.0 security schemes to the application's API specification, and apply the OAuth 2.0 policy to the application in API Manager:
   /authors:
     get:
       securedBy: [ oauth_2_0: { scopes: ["vendor1"] } ]
   /books:
     get:
       securedBy: [ oauth_2_0: { scopes: ["vendor2"] } ]
4. Configure the OAuth 2.0 policy for each endpoint, adding the validate-token URL of the OAuth 2.0 provider.
5. Request access to the API from Exchange.
6. Create a client app for each vendor.
7. Register the client with the Mule authorization server.
8. Generate a token for the registered client.
9. Test the application's /authors endpoint with the access token; it returns a successful response.
10. Test the application's /books endpoint with the same access token; this time it returns the error message "The required scopes are not authorized".
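The scope check described under "How scopes restrict access to different resources", and exercised by the last two demo steps, comes down to a few lines of resource-server logic. The following is an added example and not the Mule policy's own code: it maps each resource to the scopes the RAML above requires, validates the bearer token against a constructed in-memory token store that stands in for the provider's validate-token endpoint, and answers 401 for a missing or invalid token and 403 with the message "The required scopes are not authorized" when a required scope is absent. The token values and client names are constructed; the status codes and the insufficient_scope error name follow RFC 6750.

```python
"""Resource-server scope enforcement for the demo's /authors and /books
endpoints (added example; the token store and token values are constructed)."""
import time

# Required scopes per resource, mirroring the securedBy entries in the RAML.
REQUIRED_SCOPES = {
    "/authors": {"vendor1"},
    "/books": {"vendor2"},
}

# Constructed token store standing in for the provider's validate-token call:
# access token -> {client_id, scopes, exp}
TOKEN_STORE = {
    "tok-vendor1-app": {"client_id": "vendor1-app", "scopes": {"vendor1"},
                        "exp": time.time() + 3600},
    "tok-both-vendors": {"client_id": "admin-app", "scopes": {"vendor1", "vendor2"},
                         "exp": time.time() + 3600},
    "tok-expired": {"client_id": "vendor2-app", "scopes": {"vendor2"},
                    "exp": time.time() - 1},
}

DENIED_MESSAGE = "The required scopes are not authorized"


def validate_token(token, now=None):
    """Return the token's claims, or None if the token is unknown or expired."""
    now = time.time() if now is None else now
    entry = TOKEN_STORE.get(token)
    if entry is None or entry["exp"] <= now:
        return None
    return entry


def authorize_request(path, authorization_header, now=None):
    """Decide a request the way the policy would: (status, body)."""
    if path not in REQUIRED_SCOPES:
        return 404, {"error": "not_found"}
    # Only the Bearer scheme is accepted; anything else is treated as no token.
    scheme, _, token = (authorization_header or "").partition(" ")
    if scheme.lower() != "bearer" or not token.strip():
        return 401, {"error": "invalid_request", "message": "Bearer token required"}
    claims = validate_token(token.strip(), now)
    if claims is None:
        return 401, {"error": "invalid_token"}
    # The token must carry every scope the resource demands, not just one of them.
    missing = REQUIRED_SCOPES[path] - claims["scopes"]
    if missing:
        return 403, {"error": "insufficient_scope", "message": DENIED_MESSAGE,
                     "missing_scopes": sorted(missing)}
    return 200, {"path": path, "client": claims["client_id"]}


if __name__ == "__main__":
    # the demo's two calls with the vendor1 client's token
    print(authorize_request("/authors", "Bearer tok-vendor1-app"))
    print(authorize_request("/books", "Bearer tok-vendor1-app"))
```

Two details are worth keeping when this logic lives behind a gateway: a 401 is returned before any scope comparison so an expired or unknown token is never told which scopes it lacked, and the scope test is a set difference, so a resource that requires several scopes is only reachable by a token that holds all of them.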
Benefits of OAuth 2.0
- Enhanced security: uses tokens instead of passwords, making it safer for users and apps.
- Controlled access: lets users give apps permission to only the data they need.
- Easy to use: users can allow access without sharing their login details.
- Widely supported: works with many popular services such as Google and Facebook.
- Flexible: suitable for different types of apps, from web to mobile to server-to-server.