Keyrock - Lesson 3. Applications. How to create OAuth2 tokens

Identity Management - Keyrock GE. Lesson 3. Applications. How to create OAuth2 tokens.

Álvaro Alonso. UPM – DIT. Security Chapter. FIWARE. aalonsog@dit.upm.es, @larsonalonso

Contents

1. Registering an Application

2. Node.js web application example

Main concepts. OAuth2

[Diagrams: "Account"; "Login with" button.]

[Diagram: Web App (with OAuth Library) and Keyrock. Arrow labels: redirect; access-code; request access-token; access-token; Request user info using access-token.]

Main concepts. OAuth2 and GEs

[Diagram: Web App (with OAuth Library), Generic Enabler and Keyrock. Labels: OAuth2 flows; access_token; Request + access-token; access-token; OK + user info (roles).]

GET https://GE_URL HTTP/1.1
Host: GE_hostname
X-Auth-Token: access_token

• Calls to other GEs

• Also for integration with Wilma PEP Proxy GE
  – For securing your REST APIs
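
The flow drawn on the slides above, seen from the web application's side, as an added example that is not part of the original deck or Keyrock's own code: it builds the authorization redirect, checks the callback, and prepares the token request and the X-Auth-Token call to a GE. The endpoint paths /oauth2/authorize and /oauth2/token, the host names and the client credentials are assumptions (constructed placeholders).

```javascript
// Added illustration. Paths, host names and credentials below are assumed placeholders.
const cfg = {
  idm: 'https://keyrock.example',              // assumed Keyrock base URL
  clientId: 'constructed-client-id',           // issued when the application is registered
  clientSecret: 'constructed-client-secret',
  redirectUri: 'https://webapp.example/login/callback',
};

// "redirect": send the browser to Keyrock; `state` must be a fresh random value
// stored in the user's session so the callback can be tied back to this request.
function authorizeUrl(cfg, state) {
  const u = new URL('/oauth2/authorize', cfg.idm);
  u.search = new URLSearchParams({
    response_type: 'code', client_id: cfg.clientId,
    redirect_uri: cfg.redirectUri, state,
  }).toString();
  return u.toString();
}

// "access-code": accept the code only if the callback carries the session's state.
function codeFromCallback(callbackUrl, expectedState) {
  const q = new URL(callbackUrl).searchParams;
  if (q.get('error')) throw new Error('authorization denied: ' + q.get('error'));
  if (!expectedState || q.get('state') !== expectedState) throw new Error('state mismatch');
  const code = q.get('code');
  if (!code) throw new Error('missing code');
  return code;
}

// "request access-token": server-side exchange, authenticated with the client credentials.
function tokenRequest(cfg, code) {
  const basic = Buffer.from(`${cfg.clientId}:${cfg.clientSecret}`).toString('base64');
  return {
    method: 'POST',
    url: new URL('/oauth2/token', cfg.idm).toString(),
    headers: { Authorization: `Basic ${basic}`,
               'Content-Type': 'application/x-www-form-urlencoded' },
    body: new URLSearchParams({
      grant_type: 'authorization_code', code, redirect_uri: cfg.redirectUri,
    }).toString(),
  };
}

// Call to a GE: the token travels in the X-Auth-Token header, and only over HTTPS.
function geRequest(geUrl, accessToken) {
  const u = new URL(geUrl);
  if (u.protocol !== 'https:') throw new Error('refusing to send token over ' + u.protocol);
  return { method: 'GET', url: u.toString(), headers: { 'X-Auth-Token': accessToken } };
}
```

The returned request objects can be handed to any HTTP client; the client secret stays on the server and is never sent to the browser.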

Documentation

• Keyrock user guide
  – http://fiware-idm.readthedocs.io/en/latest/user_guide.html

• How to create OAuth2 tokens
  – http://fiware-idm.readthedocs.io/en/latest/oauth2.html

• OAuth2 spec
  – http://oauth.net/2/
