package examples;
import io.vertx.core.Vertx;
import io.vertx.core.http.HttpServerResponse;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.auth.User;
import io.vertx.ext.auth.authorization.AuthorizationProvider;
import io.vertx.ext.auth.authorization.PermissionBasedAuthorization;
import io.vertx.ext.auth.authorization.RoleBasedAuthorization;
import io.vertx.ext.auth.oauth2.*;
import io.vertx.ext.auth.oauth2.authorization.KeycloakAuthorization;
import io.vertx.ext.auth.oauth2.providers.*;
public class AuthOAuth2Examples {
public void example1(Vertx vertx) {
OAuth2Auth oauth2 = OAuth2Auth.create(vertx, new OAuth2Options()
.setFlow(OAuth2FlowType.AUTH_CODE)
.setClientID("YOUR_CLIENT_ID")
.setClientSecret("YOUR_CLIENT_SECRET")
.setSite("https://github.com/login")
.setTokenPath("/oauth/access_token")
.setAuthorizationPath("/oauth/authorize")
);
String authorization_uri = oauth2.authorizeURL(new JsonObject()
.put("redirect_uri", "http://localhost:8080/callback")
.put("scope", "notifications")
.put("state", "3(#0/!~"));
String code = "xxxxxxxxxxxxxxxxxxxxxxxx";
oauth2.authenticate(
new JsonObject()
.put("code", code)
.put("redirect_uri", "http://localhost:8080/callback"))
.onSuccess(user -> {
})
.onFailure(err -> {
});
}
public void example2(Vertx vertx, HttpServerResponse response) {
OAuth2Options credentials = new OAuth2Options()
.setFlow(OAuth2FlowType.AUTH_CODE)
.setClientID("<client-id>")
.setClientSecret("<client-secret>")
.setSite("https://api.oauth.com");
OAuth2Auth oauth2 = OAuth2Auth.create(vertx, credentials);
String authorization_uri = oauth2.authorizeURL(new JsonObject()
.put("redirect_uri", "http://localhost:8080/callback")
.put("scope", "<scope>")
.put("state", "<state>"));
response.putHeader("Location", authorization_uri)
.setStatusCode(302)
.end();
JsonObject tokenConfig = new JsonObject()
.put("code", "<code>")
.put("redirect_uri", "http://localhost:3000/callback");
oauth2.authenticate(tokenConfig)
.onSuccess(user -> {
})
.onFailure(err -> {
System.err.println("Access Token Error: " + err.getMessage());
});
}
public void example3(Vertx vertx) {
OAuth2Auth oauth2 = OAuth2Auth.create(
vertx,
new OAuth2Options()
.setFlow(OAuth2FlowType.PASSWORD));
JsonObject tokenConfig = new JsonObject()
.put("username", "username")
.put("password", "password");
oauth2.authenticate(tokenConfig)
.onSuccess(user -> {
String httpAuthorizationHeader = user.principal()
.getString("access_token");
})
.onFailure(err -> {
System.err.println("Access Token Error: " + err.getMessage());
});
}
public void example4(Vertx vertx) {
OAuth2Options credentials = new OAuth2Options()
.setFlow(OAuth2FlowType.CLIENT)
.setClientID("<client-id>")
.setClientSecret("<client-secret>")
.setSite("https://api.oauth.com");
OAuth2Auth oauth2 = OAuth2Auth.create(vertx, credentials);
JsonObject tokenConfig = new JsonObject();
oauth2.authenticate(tokenConfig)
.onSuccess(user -> {
})
.onFailure(err -> {
System.err.println("Access Token Error: " + err.getMessage());
});
}
public void example5(OAuth2Auth oauth2, User user) {
if (user.expired()) {
oauth2.refresh(user)
.onSuccess(refreshedUser -> {
})
.onFailure(err -> {
});
}
}
public void example6(OAuth2Auth oauth2, User user) {
oauth2.revoke(user, "access_token")
.onSuccess(v -> {
oauth2.revoke(user, "refresh_token")
.onSuccess(v2 -> {
System.out.println("token revoked.");
});
});
}
public void example13(Vertx vertx) {
JsonObject keycloakJson = new JsonObject()
.put("realm", "master")
.put("realm-public-key", "MIIBIjANBgkqhk...wIDAQAB")
.put("auth-server-url", "http://localhost:9000/auth")
.put("ssl-required", "external")
.put("resource", "frontend")
.put("credentials", new JsonObject()
.put("secret", "2fbf5e18-b923-4a83-9657-b4ebd5317f60"));
OAuth2Auth oauth2 = KeycloakAuth
.create(vertx, OAuth2FlowType.PASSWORD, keycloakJson);
oauth2.authenticate(
new JsonObject()
.put("username", "user")
.put("password", "secret"))
.onSuccess(user -> {
AuthorizationProvider authz = KeycloakAuthorization.create();
authz.getAuthorizations(user)
.onSuccess(v -> {
if (
RoleBasedAuthorization.create("manage-account")
.setResource("account")
.match(user)) {
}
});
});
}
public void example14(User user) {
JsonObject idToken = user.attributes().getJsonObject("idToken");
String username = user.principal().getString("preferred_username");
}
public void example15(OAuth2Auth oauth2, User user) {
oauth2.authenticate(new JsonObject().put("access_token", "opaque string"))
.onSuccess(theUser -> {
});
oauth2.authenticate(user.principal())
.onSuccess(authenticatedUser -> {
});
}
public void example16(OAuth2Auth oauth2) {
oauth2.authenticate(new JsonObject().put("access_token", "jwt-token"))
.onSuccess(theUser -> {
});
}
public void example17(User user) {
if (PermissionBasedAuthorization.create("print").match(user)) {
}
}
public void example18(User user) {
if (
PermissionBasedAuthorization.create("add-user")
.setResource("realm")
.match(user)) {
}
}
public void example19(User user) {
if (
PermissionBasedAuthorization.create("year-report")
.setResource("finance")
.match(user)) {
}
}
public void example20(AccessToken user) {
user.logout(res -> {
if (res.succeeded()) {
} else {
System.err.println(res.cause());
}
});
}
public void example21(User user) {
boolean isExpired = user.expired();
}
public void example22(OAuth2Auth oauth2, User user) {
oauth2.refresh(user)
.onSuccess(refreshedUser -> {
})
.onFailure(err -> {
});
}
public void example23(OAuth2Auth oauth2, User user) {
oauth2.revoke(user, "access_token")
.onSuccess(v -> {
})
.onFailure(err -> {
});
}
public void example24(OAuth2Auth oauth2, User user) {
oauth2.authenticate(user.principal())
.onSuccess(validUser -> {
})
.onFailure(err -> {
});
}
public void example25(Vertx vertx) {
OpenIDConnectAuth.discover(
vertx,
new OAuth2Options()
.setClientID("clientId")
.setClientSecret("clientSecret")
.setSite("https://accounts.google.com"))
.onSuccess(oauth2 -> {
})
.onFailure(err -> {
});
}
public void example25b(Vertx vertx) {
KeycloakAuth.discover(
vertx,
new OAuth2Options()
.setClientID("clientId")
.setClientSecret("clientSecret")
.setSite("http://keycloakhost:keycloakport/auth/realms/{realm}")
.setTenant("your-realm"))
.onSuccess(oauth2 -> {
});
GoogleAuth.discover(
vertx,
new OAuth2Options()
.setClientID("clientId")
.setClientSecret("clientSecret"))
.onSuccess(oauth2 -> {
});
SalesforceAuth.discover(
vertx,
new OAuth2Options()
.setClientID("clientId")
.setClientSecret("clientSecret"))
.onSuccess(oauth2 -> {
});
AzureADAuth.discover(
vertx,
new OAuth2Options()
.setClientID("clientId")
.setClientSecret("clientSecret")
.setTenant("your-app-guid"))
.onSuccess(oauth2 -> {
});
IBMCloudAuth.discover(
vertx,
new OAuth2Options()
.setClientID("clientId")
.setClientSecret("clientSecret")
.setSite("https://<region-id>.appid.cloud.ibm.com/oauth/v4/{tenant}")
.setTenant("your-tenant-id"))
.onSuccess(oauth2 -> {
});
}
public void example26(Vertx vertx) {
OpenIDConnectAuth.discover(
vertx,
new OAuth2Options()
.setClientID("clientId")
.setTenant("your_realm")
.setSite("http://server:port/auth/realms/{tenant}"))
.onSuccess(oauth2 -> {
});
}
public void example21(OAuth2Auth oauth2) {
oauth2.jWKSet()
.onSuccess(v -> {
});
}
public void example22(OAuth2Auth oauth2) {
oauth2.missingKeyHandler(keyId -> {
if (keyId.equals("the-new-id")) {
oauth2.jWKSet(res -> {
});
}
});
}
}