Setting OAuth Type Authentication - shephertz/App42_APIGateway_Docs GitHub Wiki
App42 API gateway supports OAuth 2.0 authentication. You can use either Authorization Code or Client Credentials as the grant type for your API.
To enable OAuth 2.0 for an API, log in to the console and provide the following information, as shown in the screenshot below.
After setting this up, you are ready to use your API with OAuth 2.0 credentials.
Using API with Client Credentials Grant Type
If the grant type is set to Client Credentials, pass the IAM API key and secret key as the client ID and client secret to get the access token. This can be done through any OAuth client library, or you can make a direct REST call to the following URL to get the access token. Below is a Java snippet that uses an OAuth client to fetch the access token:
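```java
// Imports assume the Apache Oltu OAuth 2.0 client, whose class names match this snippet.
import org.apache.oltu.oauth2.client.OAuthClient;
import org.apache.oltu.oauth2.client.URLConnectionClient;
import org.apache.oltu.oauth2.client.request.OAuthClientRequest;
import org.apache.oltu.oauth2.client.response.OAuthJSONAccessTokenResponse;
import org.apache.oltu.oauth2.common.message.types.GrantType;

String clientId = "xxxxxx"; // Pass the API key of IAM here
String clientSecret = "xxxxxx"; // Pass the secret key of IAM here
// clientSecret is sent to this URL; use https:// when the gateway is served over TLS
String tokenEndPoint = "http://$GATEWAYURL/api/$VERSION/$APINAME/token";
OAuthClientRequest request = OAuthClientRequest.tokenLocation(tokenEndPoint)
        .setClientId(clientId)
        .setClientSecret(clientSecret)
        .setGrantType(GrantType.CLIENT_CREDENTIALS)
        .buildQueryMessage();
OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());
OAuthJSONAccessTokenResponse response = oAuthClient.accessToken(request);
System.out.println(response.getBody()); // Response body containing the access token
```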
Once you have the access token, pass it in your API call to the App42 API gateway for authentication. The gateway validates and authenticates the token and allows the API call if the access token is valid.
Using API with Authorization Code Grant Type
For the Authorization Code grant type, first get the authorization code, then use that code to get the access token.
Getting Authorization Code
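```java
// Imports assume the Apache Oltu OAuth 2.0 client, whose class names match this snippet.
import org.apache.oltu.oauth2.client.OAuthClient;
import org.apache.oltu.oauth2.client.URLConnectionClient;
import org.apache.oltu.oauth2.client.request.OAuthClientRequest;
import org.apache.oltu.oauth2.client.response.OAuthJSONAccessTokenResponse;
import org.apache.oltu.oauth2.common.message.types.ResponseType;

String endPoint = "http://$GATEWAYURL/api/$VERSION/$APINAME/authorize";
String clientId = "xxxxxxx";
String redirectURI = "https://api.shephertz.com/"; // Your IAM Redirect URI
String state = "xxxxx"; // State value for maintaining the transaction
String scope = "/1.0/album/?name=xxxx"; // Permission
OAuthClientRequest request = OAuthClientRequest
        .authorizationLocation(endPoint)
        .setClientId(clientId)
        .setRedirectURI(redirectURI)
        .setState(state)
        .setScope(scope)
        .setResponseType(ResponseType.CODE.toString())
        .buildQueryMessage();
OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());
OAuthJSONAccessTokenResponse response = oAuthClient.accessToken(request);
System.out.println(response);
```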
Getting Access Token from Code
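```java
// Imports assume the Apache Oltu OAuth 2.0 client, whose class names match this snippet.
import org.apache.oltu.oauth2.client.OAuthClient;
import org.apache.oltu.oauth2.client.URLConnectionClient;
import org.apache.oltu.oauth2.client.request.OAuthClientRequest;
import org.apache.oltu.oauth2.client.response.OAuthJSONAccessTokenResponse;
import org.apache.oltu.oauth2.common.message.types.GrantType;

String clientId = "xxxxxxx";
String clientSecret = "xxxxxx";
// clientSecret is sent to this URL; use https:// when the gateway is served over TLS
String tokenEndPoint = "http://$GATEWAYURL/api/$VERSION/$APINAME/token";
String authCode = "xxxxxxxxx"; // Authorization code obtained in the previous step
String redirectURI = "https://api.shephertz.com/"; // Your IAM Redirect URI
OAuthClientRequest request = OAuthClientRequest
        .tokenLocation(tokenEndPoint)
        .setClientId(clientId)
        .setClientSecret(clientSecret)
        .setCode(authCode)
        .setGrantType(GrantType.AUTHORIZATION_CODE)
        .setRedirectURI(redirectURI)
        .buildQueryMessage();
// Debug output: this URI includes the client secret and code, so keep it out of shared logs
System.out.println(request.getLocationUri());
OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());
OAuthJSONAccessTokenResponse response = oAuthClient.accessToken(request);
System.out.println(response.getBody()); // Response body containing the access token
```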
Once you have the access token, you can call your API by passing the access_token parameter either in a header or as a query parameter. The App42 API gateway will do the rest for your API. If you are writing your own API in Java, an AccessToken object is available through the HttpRequestObject reference. It holds all the information about the access token, including its value, expiry, permission state etc.
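For the Authorization Code flow above, the `state` value sent with the authorize request should be a fresh random value that the client compares with the one returned on the redirect before it exchanges the code. The following is an added example, not code from the App42 documentation: it uses only the Java standard library (Java 10 or later), the class and method names are hypothetical, and it assumes the redirect carries `code` and `state` query parameters as in standard OAuth 2.0.

```java
import java.net.URI;
import java.net.URLDecoder;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
import static java.nio.charset.StandardCharsets.UTF_8;

public class StateCheck { // added example; class and method names are hypothetical
    private static final SecureRandom RNG = new SecureRandom();

    // Unguessable per-request value to send as "state"; keep it in the user's session.
    static String newState() {
        byte[] raw = new byte[32];
        RNG.nextBytes(raw);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
    }

    // Decode the query parameters of the redirect received at the redirect URI.
    static Map<String, String> queryParams(URI callback) {
        Map<String, String> params = new HashMap<>();
        String query = callback.getRawQuery();
        for (String pair : (query == null ? "" : query).split("&")) {
            String[] kv = pair.split("=", 2);
            if (kv.length == 2) params.put(URLDecoder.decode(kv[0], UTF_8), URLDecoder.decode(kv[1], UTF_8));
        }
        return params;
    }

    // Hand back the authorization code only when the returned state equals the stored one.
    static String codeIfStateMatches(URI callback, String expectedState) {
        Map<String, String> p = queryParams(callback);
        byte[] returned = p.getOrDefault("state", "").getBytes(UTF_8);
        if (expectedState == null || expectedState.isEmpty()
                || !MessageDigest.isEqual(returned, expectedState.getBytes(UTF_8)))
            throw new SecurityException("state mismatch: discard this authorization response");
        if (!p.containsKey("code")) throw new SecurityException("no code in authorization response");
        return p.get("code");
    }
    public static void main(String[] args) {
        String state = newState();
        // Constructed redirect URIs: one echoes our state, one does not.
        URI ok = URI.create("https://api.shephertz.com/?code=SAMPLECODE&state=" + state);
        URI bad = URI.create("https://api.shephertz.com/?code=SAMPLECODE&state=not-ours");
        System.out.println(codeIfStateMatches(ok, state));
        try { codeIfStateMatches(bad, state); }
        catch (SecurityException e) { System.out.println(e.getMessage()); }
    }
}
```

The value returned by `newState()` is what goes into `setState(...)` when building the authorize request, and the code returned by `codeIfStateMatches` is what goes into `setCode(...)` for the token request.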