Re: CXF, OAuth2 and social login
Hi Sergey, Thanks for the quick replay. Yes your assumption is correct. Thank you for the pointer. I wasn't aware of that. Certainly looks interesting and more inline with my requirements. I will investigate further as my preference is to use CXF. I did my search and I didn't hit oidc before. Funny... Maybe CXF pages could use some SEO love. Thanks again Vassilis On 02/12/2018 12:58 PM, Sergey Beryozkin wrote: Hi I'm assuming you are mainly interested in making your web application acting as OpenIdConnect client or RP, i.e, a user who is about to access this web application needs to authenticated first against Google/etc ? CXF offers quite a decent support for it, I'd recommend to experiment with jaxrs_big_query and also jaxrs/basic_oidc, and also check http://cxf.apache.org/docs/jax-rs-oidc.html HTH, Sergey On 12/02/18 10:11, Vassilis Virvilis wrote: Hi, I am looking in CXF support for OAuth2 support in general and social logins in particular. See http://cxf.apache.org/docs/jax-rs-oauth2.html From the docs it is not immediately evident if the OAuth2 support has been written with the "social login" workflow in mind. There is of course http://cxf.apache.org/docs/jax-rs-oauth2.html#JAX-RSOAuth2-ThirdPartyClientAuthentication but it still feels to me like the "I want to create and own OAuth2 server" case. Is CXF supposed be used for such a task or should give up on CXF and use something else such as: 1) Apache Oltu: https://oltu.apache.org/ minus: Doesn't look very vibrant: https://mail-archives.apache.org/mod_mbox/oltu-dev/201801.mbox/%3CA760F1A0-A0C2-4039-B6FA-87320722DFAB%40adobe.com%3E 2) Google https://developers.google.com/api-client-library/java/google-oauth-java-client/oauth2 minus: I have already the CXF framework in place. Why use another framewrok? 3) Spring: https://geowarin.github.io/social-login-with-spring.html minus: It's spring 4) Other: https://github.com/3pillarlabs/socialauth Any suggestions are welcome.
Re: CXF, OAuth2 and social login
Hi I'm assuming you are mainly interested in making your web application acting as OpenIdConnect client or RP, i.e, a user who is about to access this web application needs to authenticated first against Google/etc ? CXF offers quite a decent support for it, I'd recommend to experiment with jaxrs_big_query and also jaxrs/basic_oidc, and also check http://cxf.apache.org/docs/jax-rs-oidc.html HTH, Sergey On 12/02/18 10:11, Vassilis Virvilis wrote: Hi, I am looking in CXF support for OAuth2 support in general and social logins in particular. See http://cxf.apache.org/docs/jax-rs-oauth2.html From the docs it is not immediately evident if the OAuth2 support has been written with the "social login" workflow in mind. There is of course http://cxf.apache.org/docs/jax-rs-oauth2.html#JAX-RSOAuth2-ThirdPartyClientAuthentication but it still feels to me like the "I want to create and own OAuth2 server" case. Is CXF supposed be used for such a task or should give up on CXF and use something else such as: 1) Apache Oltu: https://oltu.apache.org/ minus: Doesn't look very vibrant: https://mail-archives.apache.org/mod_mbox/oltu-dev/201801.mbox/%3CA760F1A0-A0C2-4039-B6FA-87320722DFAB%40adobe.com%3E 2) Google https://developers.google.com/api-client-library/java/google-oauth-java-client/oauth2 minus: I have already the CXF framework in place. Why use another framewrok? 3) Spring: https://geowarin.github.io/social-login-with-spring.html minus: It's spring 4) Other: https://github.com/3pillarlabs/socialauth Any suggestions are welcome.
CXF, OAuth2 and social login
Hi, I am looking in CXF support for OAuth2 support in general and social logins in particular. See http://cxf.apache.org/docs/jax-rs-oauth2.html From the docs it is not immediately evident if the OAuth2 support has been written with the "social login" workflow in mind. There is of course http://cxf.apache.org/docs/jax-rs-oauth2.html#JAX-RSOAuth2-ThirdPartyClientAuthentication but it still feels to me like the "I want to create and own OAuth2 server" case. Is CXF supposed be used for such a task or should give up on CXF and use something else such as: 1) Apache Oltu: https://oltu.apache.org/ minus: Doesn't look very vibrant: https://mail-archives.apache.org/mod_mbox/oltu-dev/201801.mbox/%3CA760F1A0-A0C2-4039-B6FA-87320722DFAB%40adobe.com%3E 2) Google https://developers.google.com/api-client-library/java/google-oauth-java-client/oauth2 minus: I have already the CXF framework in place. Why use another framewrok? 3) Spring: https://geowarin.github.io/social-login-with-spring.html minus: It's spring 4) Other: https://github.com/3pillarlabs/socialauth Any suggestions are welcome.
