[Apiman-user] Question about OAuth2 (apiman & keycloak)

Charles Moulliard cmoulliard at redhat.com
Wed Sep 9 03:39:10 EDT 2015


Thx for the info. To be complete, these links are also very valuable for 
understanding the JWT (token issued by Keycloak):

https://scotch.io/tutorials/the-anatomy-of-a-json-web-token
https://developer.atlassian.com/static/connect/docs/latest/concepts/understanding-jwt.html

and to decode the base64 token into a more human-readable form:

http://jwt.io/


On 07/09/15 20:30, Marc Savy wrote:
> This is using openid-connect, which is layered on top of OAuth2 and 
> provides a bunch of useful standardised fields for authentication 
> purposes (to verify that the caller is who they claim to be; as 
> opposed to authorization, which is talking more about what you are 
> allowed to do).
>
> There are a couple of good StackExchange threads which will be helpful:
>  - http://security.stackexchange.com/a/44614
>  - http://security.stackexchange.com/a/47136
>
> On 07/09/2015 17:18, Charles Moulliard wrote:
>> Hi,
>>
>> This blog post details how to use OAuth2 between Apiman & Keycloak
>> ("http://www.apiman.io/blog/gateway/security/oauth2/keycloak/authentication/authorization/2015/06/09/keycloak-oauth2.html"). 
>>
>>
>> I have some questions to ask you about where these requests are related
>> to the OAuth2 spec/protocol.
>>
>> When we issue the request to get an access token for the client_id =
>> apiman "curl -X POST
>> http://127.0.0.1:8080/auth/realms/stottie/protocol/openid-connect/token
>> -H "Content-Type: application/x-www-form-urlencoded" -d
>> "username=rincewind" -d 'password=apiman' -d 'grant_type=password' -d
>> 'client_id=apiman'", does this request correspond to the OAuth 2 process
>> where the client requests an access token from the authorization server (=
>> Keycloak) using grant-type = password
>> (http://oauthlib.readthedocs.org/en/latest/oauth2/grants/password.html) 
>> ?
>>
>> Is this request also issued by the "Apiman OAuth2 Policy" when an HTTP
>> client calls the gateway to access an HTTP endpoint secured by the
>> API gateway?
>>
>> Regards,
>>
>> Charles
>> _______________________________________________
>> Apiman-user mailing list
>> Apiman-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/apiman-user
>>
>
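
Added example, not part of the original messages and not Apiman or Keycloak code: the Base64url decoding that jwt.io performs on a token, plus the checks a reviewer can make from the decoded content alone. The sample token is constructed, its issuer is assumed to be the realm URL from the curl command above, and `review_claims` and `make_sample` are hypothetical helper names; decoding does not verify the signature.

```python
import base64
import json

def b64url_decode(segment):
    # JWT segments are URL-safe Base64 with '=' padding stripped; restore it.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def decode_jwt_unverified(token):
    """Decode header and claims of a compact JWT WITHOUT verifying the signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    return {
        "header": json.loads(b64url_decode(parts[0])),
        "claims": json.loads(b64url_decode(parts[1])),
        "signature_bytes": len(b64url_decode(parts[2])),
    }

def review_claims(decoded, expected_issuer, now):
    """Findings visible from the decoded content alone (no cryptographic check)."""
    findings = []
    header, claims = decoded["header"], decoded["claims"]
    if str(header.get("alg", "")).lower() == "none" or decoded["signature_bytes"] == 0:
        findings.append("unsigned token")
    if claims.get("iss") != expected_issuer:
        findings.append("unexpected issuer")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)):
        findings.append("missing exp")
    elif exp <= now:
        findings.append("expired")
    return findings

# Constructed sample data, not taken from the thread: the issuer is assumed to be
# the realm URL from the curl command, and the signature is placeholder bytes.
ISSUER = "http://127.0.0.1:8080/auth/realms/stottie"

def make_sample(alg, exp, signature=b"placeholder-signature"):
    header = {"alg": alg, "typ": "JWT"}
    claims = {"iss": ISSUER, "preferred_username": "rincewind", "exp": exp}
    body = ".".join(b64url_encode(json.dumps(p).encode()) for p in (header, claims))
    return body + "." + b64url_encode(signature)

if __name__ == "__main__":
    decoded = decode_jwt_unverified(make_sample("RS256", 1441784350))
    print(json.dumps(decoded, indent=2))
    print(review_claims(decoded, ISSUER, now=1441784050))
```

An empty findings list only means the readable fields look sane; a gateway still has to verify the signature against the realm's public key before trusting any claim.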


