Defining an OAuth service provider
An OAuth service provider is a named set of configuration options for OAuth. The id or name of the provider is specified in the URL of inbound requests to the authorization and token endpoints. The set of configuration options for that provider is used when the request is handled. This process allows one server with one endpoint servlet to effectively provide multiple OAuth configurations. For example, the https://my.company.com:8021/oauth2/endpoint/photoShare/authorize URL is handled by using the set of OAuth configuration options that are defined for the OAuth provider named photoShare. The https://my.company.com:8021/oauth2/endpoint/calendarAuthz/authorize URL is handled by using the set of OAuth configuration options that are defined for the OAuth provider named calendarAuthz.
About this task
An OAuth service provider is defined with the oauthProvider element in the server.xml file. You can define an OAuth service provider by editing the server.xml file or by using the WebSphere® Application Server Development Tools for Liberty. This task describes how to define a minimal OAuth configuration.
Procedure
Results
Example
<server>
  <!-- oauth-2.0 enables the OAuth endpoints; ssl-1.0 enables HTTPS -->
  <featureManager>
    <feature>oauth-2.0</feature>
    <feature>ssl-1.0</feature>
  </featureManager>
  <keyStore password="keyspass" />
  <!-- Users granted the authenticated role for the OAuth endpoints -->
  <oauth-roles>
    <authenticated>
      <user>testuser</user>
    </authenticated>
  </oauth-roles>
  <!-- The id is the provider name that appears in the endpoint URL -->
  <oauthProvider id="SampleProvider" filter="request-url%=ssodemo">
    <localStore>
      <!-- {xor} is a reversible encoding of the client secret, not encryption -->
      <client name="client01" secret="{xor}LDo8LTor"
              displayname="Test client number 1"
              redirect="http://localhost:1234/oauthclient/redirect.jsp"
              enabled="true" />
    </localStore>
  </oauthProvider>
  <webAppSecurity allowFailOverToBasicAuth="true" />
  <basicRegistry id="basic" realm="BasicRealm">
    <user name="testuser" password="testuserpwd" />
  </basicRegistry>
</server>
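A configuration check for the example above, added here as an illustration and not IBM's or this page's own code: it parses a server.xml, derives each provider's authorize path from its id, and flags client secrets or registry passwords stored as plaintext or {xor} (a reversible encoding) and redirect URIs that are not HTTPS. The function names and the trimmed sample XML are assumptions constructed for this example.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: the page's example server.xml, trimmed to the audited elements.
SERVER_XML = """<server>
  <oauthProvider id="SampleProvider" filter="request-url%=ssodemo">
    <localStore>
      <client name="client01" secret="{xor}LDo8LTor"
              redirect="http://localhost:1234/oauthclient/redirect.jsp"
              enabled="true" />
    </localStore>
  </oauthProvider>
  <basicRegistry id="basic" realm="BasicRealm">
    <user name="testuser" password="testuserpwd" />
  </basicRegistry>
</server>"""

PREFIX = re.compile(r"^\{(\w+)\}")  # encoding prefix such as {xor} or {aes}
WEAK = ("plaintext", "xor")         # xor is a reversible encoding, not encryption

def secret_scheme(value):
    """Return the encoding prefix of a stored secret, or 'plaintext' if none."""
    m = PREFIX.match(value or "")
    return m.group(1).lower() if m else "plaintext"

def audit(xml_text):
    """Return (findings, authorize_paths) for the oauthProvider elements."""
    root = ET.fromstring(xml_text)
    findings, paths = [], []
    for prov in root.iter("oauthProvider"):
        pid = prov.get("id")
        # The provider id is the URL segment that selects this configuration.
        paths.append(f"/oauth2/endpoint/{pid}/authorize")
        for c in prov.iter("client"):
            who = f"{pid}/{c.get('name')}"
            scheme = secret_scheme(c.get("secret"))
            if scheme in WEAK:
                findings.append((who, f"secret stored as {scheme}"))
            if not (c.get("redirect") or "").startswith("https://"):
                findings.append((who, "redirect is not https"))
    for u in root.iter("user"):  # registry users carry a password attribute
        pw = u.get("password")
        if pw and secret_scheme(pw) in WEAK:
            findings.append((f"registry/{u.get('name')}", f"password stored as {secret_scheme(pw)}"))
    return findings, paths

if __name__ == "__main__":
    for who, issue in audit(SERVER_XML)[0]:
        print(f"{who}: {issue}")
```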