OAuth Token Endpoint Client for Java

Description

Client helper for OAuth 2.0 Token endpoint. Supports "Client Credentials" flow with "client_secret", RS256 JWT "client_assertion" and custom grants.

Features

Client Credentials Grant (2-Legged OAuth)
"client_secret" authentication
"private_key_jwt" authentication method as defined in Assertion Framework for OAuth 2.0 Client Authentication and Authorization Grants and OpenID Connect Core 1.0
Custom grant support. I.e. for custom assertion grants.
Access token caching. Uses in-memory cache by default. Caching key includes all parameters, so it is safe to use with more than one Authorization Server, credential set or OAuth scope list.

This library only interacts with token endpoint and receives access_token. It is not designed to be used for flows involving authorization endpoint

If you need support for other grant types or authentication methods, please check some other implementations.

Getting started

Install with Maven:

<dependency>
    <groupId>com.scalepoint</groupId>
    <artifactId>oauth-token-client</artifactId>
    <version>1.1.1</version>
</dependency>

Obtaining access token from token endpoint is as simple as this:

private_key_jwt

ClientCredentialsGrantTokenClient tokenClient = new ClientCredentialsGrantTokenClient(
                                tokenEndpointUri,
                                new JwtBearerClientAssertionCredentials(
                                    tokenEndpointUri,
                                    clientId,
                                    keyPair
                          ));

String accessToken = tokenClient.getToken("scope1", "scope2");

Check here for how you can load "keyPair" from .jks or .pfx file containing only one certificate and key for test purposes.

client_secret

ClientCredentialsGrantTokenClient tokenClient = new ClientCredentialsGrantTokenClient(
                                tokenEndpointUri,
                                new ClientSecretCredentials(clientId, clientSecret)
                          );

String accessToken = tokenClient.getToken("scope1", "scope2");

Using Proxies

The token client respects the proxy settings in the system properties, e.g. http.proxyHost or http.proxyPort.

However in some cases the OAuth server needs to be accessed through a different proxy than the resource server. In these cases the OAuth server's proxy can be set like this:

String proxyHost = "proxy.example.com"; // ip address works as well
int    proxyPort = 8080;
tokenClient.setProxy(proxyHost, proxyPort);

Name		Name	Last commit message	Last commit date
Latest commit History 52 Commits
src		src
.gitattributes		.gitattributes
.gitignore		.gitignore
LICENSE.txt		LICENSE.txt
README.md		README.md
client-test.jks		client-test.jks
config.properties		config.properties
pom.xml		pom.xml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

OAuth Token Endpoint Client for Java

Description

Features

Getting started

private_key_jwt

client_secret

Using Proxies

About

Releases

Packages

Languages

License

truj/oauth-token-java-client

Folders and files

Latest commit

History

Repository files navigation

OAuth Token Endpoint Client for Java

Description

Features

Getting started

private_key_jwt

client_secret

Using Proxies

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages