I'm assuming you are mainly interested in making your web application acting as OpenIdConnect client or RP, i.e, a user who is about to access this web application needs to authenticated first against Google/etc ?

CXF offers quite a decent support for it, I'd recommend to experiment with jaxrs_big_query and also jaxrs/basic_oidc, and also check

HTH, Sergey

On 12/02/18 10:11, Vassilis Virvilis wrote:

I am looking in CXF support for OAuth2 support in general and social logins in particular. See http://cxf.apache.org/docs/jax-rs-oauth2.html

From the docs it is not immediately evident if the OAuth2 support has been written with the "social login" workflow in mind. There is of course http://cxf.apache.org/docs/jax-rs-oauth2.html#JAX-RSOAuth2-ThirdPartyClientAuthentication but it still feels to me like the "I want to create and own OAuth2 server" case.

Is CXF supposed be used for such a task or should give up on CXF and use something else such as:

1) Apache Oltu: https://oltu.apache.org/
minus: Doesn't look very vibrant: https://mail-archives.apache.org/mod_mbox/oltu-dev/201801.mbox/%3CA760F1A0-A0C2-4039-B6FA-87320722DFAB%40adobe.com%3E

2) Google https://developers.google.com/api-client-library/java/google-oauth-java-client/oauth2 minus: I have already the CXF framework in place. Why use another framewrok?

3) Spring: https://geowarin.github.io/social-login-with-spring.html
minus: It's spring

4) Other: https://github.com/3pillarlabs/socialauth

Any suggestions are welcome.

Reply via email to