Giter VIP home page Giter VIP logo

grails-spring-security-rest-java-client's Introduction

Java Client - Spring Security Rest for Grails

Java library to interact with Spring Security Rest for Grails plugin.

It uses the JSON Web Token (JWT) capabilities offered by plugin.

Installation

repositories {
    jcenter()
}

dependencies {
    compile 'org.grails:java-client-grails-spring-security-rest:0.3'
}

Login

Authentication Request:

String serverUrl = "http://localhost:8080";
String username = "sherlock";
String password = "elementary";
def authenticationRequest = new AuthenticationRequest.Builder()
                .serverUrl(serverUrl)
                .username(username)
                .password(password)
                .build();
JwtResponse rsp = client.authenticate(authenticationRequest);

Correct Credentials

If authentication is successful a JwtResponseOK object is returned. This object contains a Jwt property.

public interface Jwt {
    String getUsername();

    List<String> getRoles();

    String getTokenType();

    String getAccessToken();

    int getExpiresIn();

    String getRefreshToken();
}

Incorrect Credentials

If the credentials are incorrect a JwtResponseUnauthorized object is returned.

Token Refresh

To refresh the credentials issue this request:

String refreshToken = "eyJhbGciOiJIUzI1NiJ9.eyJwcmluY2lwYWwiOiJINHNJQUFBQUFBQUFBSlZTUFVcL2NRQlI4dmh5Q0NJbVBTSW1VQXBwQUZcL21rcEx3cWgwZ2taSEVJY3cxSW9EMzdZUmJXdTJaM0RYY051aW9wS0loSWtCRDhCZjVKMHVRSFJLR2dwYWJOVzhQaGd3YXhsZjEyUEROdnhoZlhNR1EwZkV3MDQ4TDRtY2dUTG4yVGFTNFRnMUd1dWUzNnVVRWRveTBRWHdwZ2l5WndlN3dLZUFGVWVHemhWYkROOWxoTk1KblVtdTF0akd5OW8rR0Qwc2tkNDZabUtlNHJ2ZVBmYzBkSzR3T0JrdG83cThEd0treXlLRks1dEl0S3puY3lyakZlaFlseUZxaG94NDFlUjNTRDBuSW16Q0IwR0NWckM0d0RHR1c1M1ZLa3l0RllHTDgxbTFzdWFpSGFlZ0FqR1RPRzNEM2FKTFRPdXJ0M05pVnRzQXNIVU8xa0hoM0tidFpCZmNmanp5a2hhR3V1cEpscHlWVEZmSk03Y2VMdlRSM1wvT1RydnRTb0FsTW43cDc4cDUyOGIwUHUxZmpOZEJPMUZGdDRNV0M5aDlVNUdiaVpMNWhXTlR2bnY2ZEtQayt0dmF5OUkyU0UrUDcrUG1VOTN5WFhuVkpveHphd2E2SWhvOTZ2dW1jZ2JUNVAzVytqNklVOHpnZlJIU1l2eHZVUkpUT3RXdFJMOXZDMjhYRzRHOHh1TlpoaTZ0eEd6aFZwUVwvYVE3VnF6dCt2SURSVzBkWG4zXC9mZlR1SDNFc3dOQWVFemxTNmhNbGFERlAyNmlcL1hweE1qZjY4UEN4MjZQXC9QXC93R3dmS0JsRXdNQUFBPT0iLCJzdWIiOiJzaGVybG9jayIsInJvbGVzIjpbIlJPTEVfQk9TUyJdLCJpYXQiOjE0ODQ1NjA1MTB9.PB3epeHlU_dC22-X5hkidR5IF19WTcpRilKkgUjgqGM";
def refreshRequest = new RefreshRequest.Builder()
                .serverUrl(serverUrl)
                .refreshToken()
                .build();
def rsp = client.refreshToken(refreshRequest);
((JwtResponseOK) rsp).getJwt().getAccessToken();

Dependencies

The library uses internally OkHttp and Gson

Author

Sergio del Amo - [email protected]

grails-spring-security-rest-java-client's People

Contributors

sdelamo avatar

Stargazers

avatar avatar

Watchers

avatar avatar avatar

grails-spring-security-rest-java-client's Issues

Thank you not an issue just more a discussion

Hey Sergio

Thank you for a great bit of work here. I can't really emphasise how powerful all of this is. Although to get your head around on how to reuse all of this is not all that easy to follow.

I have got 2 grails apps running spring security 1 which is the master and runs the actual db for users, the 2nd also has spring security but the domain classes are mappedWith="none" wich means no real users, altered the authprovider in that version to call your rest-java-api - based on returned class success failure etc actually generate a userDetail class and successfully log in local user. Keep the JWT token in a Listener that you provide then from there on send the JWT token back to master host through a header Encrypted.

The grails app at the master end looks up the header decrypts JWT and from it finds the actual spring security user from the JWT token and provides what ever they asked for on the remote end.

I am unsure if there are any guides on how to do any of this, it has taken me a week to get my head around all of it and wonder if I should contribute through some example project to show some of this working for the wider community or perhaps it is already all done and I missed it.

Most of the work on how to resolve back to JWT token back to spring security user was found on this side project: http://guides.grails.org/grails-custom-security-tenant-resolver/guide/index.html

Anyhow let me know as I say thank for what seems to be a really powerful bit of code

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.