An OAuth client or third-party service application must register itself with the WebSphere® Application Server OAuth2 service provider. The registered clients are either stored as an XML file or in a database table.
To store registered clients as an XML file, you create an XML file called base.clients.xml. This XML file must be placed under the oauth20 directory in the WebSphere Application Server cell directory or node directory. The sample base.clients.xml file is in the properties directory of the WebSphere Application Server installation.
/*Client Table*/
CREATE TABLE OAuthDBSchema.OAUTH20CLIENTCONFIG (
    COMPONENTID  VARCHAR(256) NOT NULL, /*Name of OAuth Provider and matches config.xml*/
    CLIENTID     VARCHAR(256) NOT NULL, /*ID of client*/
    CLIENTSECRET VARCHAR(256),          /*Client secret*/
    DISPLAYNAME  VARCHAR(256) NOT NULL, /*Display name of the client*/
    REDIRECTURI  VARCHAR(2048),         /*Client redirect URI*/
    ENABLED      INT                    /*int*/
);
After you create the client storage file or table, you can add, delete, or modify clients in it directly. You can also use WebSphere Application Server MBean or programming APIs to manage clients.
import java.util.Collection;

import com.ibm.ws.security.oauth20.plugins.BaseClientProvider;
import com.ibm.ws.security.oauth20.plugins.BaseClient;
import com.ibm.ws.security.oauth20.api.OAuth20Provider;
import com.ibm.ws.security.oauth20.api.OAuth20ProviderFactory;
import com.ibm.ws.security.oauth20.plugins.db.CachedDBClientProvider;
// OAuthComponentConfiguration must also be imported; its package is not shown in this sample

OAuth20Provider provider = OAuth20ProviderFactory.getOAuth20Provider("<<provider_name>>");
OAuthComponentConfiguration oauthconfig = provider.getConfiguration();

CachedDBClientProvider clientProvider = new CachedDBClientProvider(); //if using Database for client store
//BaseClientProvider clientProvider = new BaseClientProvider(); //if using XML file for client store
clientProvider.init(oauthconfig);

// replace << .... >> with desired String
BaseClient newClient = new BaseClient(oauthconfig.getUniqueId(),
    "<<client_id>>",
    "<<client_secret>>",
    "<<client displayName>>",
    "<<redirect uri>>",
    true);

//add a new client
clientProvider.put(newClient);

//delete a client
clientProvider.delete("<<client_id>>");

//query all registered clients
Collection<BaseClient> clients = clientProvider.getAll();
for (BaseClient client : clients) {
    String client_display_name = client.getDisplayName();
    String client_id = client.getClientId();
    String redirect_uri = client.getRedirectUri();
}

The following example illustrates sample code for client management by using the MBean API:
//get OAuth client mBean OAuth20ClientMBean
ObjectName objName = new ObjectName("WebSphere:type=OAuth20ClientMBean,*");
AdminClient adminClient = ....;

// add a new client (oauthconfig is obtained as in the previous example)
BaseClient newClient = new BaseClient(oauthconfig.getUniqueId(),
    "<<client_id>>",
    "<<client_secret>>",
    "<<client displayName>>",
    "<<redirect uri>>",
    true);
adminClient.invoke(objName, "addClient",
    new Object[]{newClient},
    new String[]{newClient.getClass().getName()});

//delete a client by client id
String providerName = "<<provider_name>>";
String clientId = "<<client id>>";
adminClient.invoke(objName, "removeClient",
    new Object[]{providerName, clientId},
    new String[]{providerName.getClass().getName(), clientId.getClass().getName()});
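
A pre-registration check that could run before the BaseClient is constructed, as an added example that is not IBM's code: it generates a random client secret and validates the values against the column limits of the client table above and the RFC 6749 rules for redirect URIs (absolute, no fragment). The class and method names are hypothetical, only JDK classes are used, and the https and host checks assume web clients.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Base64;
import java.util.List;

/** Hypothetical pre-registration checks; not part of the WebSphere API. */
public class ClientRegistrationCheck {
    private static final SecureRandom RNG = new SecureRandom();

    /** 32 random bytes as URL-safe Base64 (43 characters), well inside CLIENTSECRET VARCHAR(256). */
    static String newClientSecret() {
        byte[] raw = new byte[32];
        RNG.nextBytes(raw);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
    }
    /** Returns the problems found; an empty list means the values can be registered. */
    static List<String> validate(String clientId, String secret, String displayName, String redirectUri) {
        List<String> problems = new ArrayList<>();
        checkColumn(problems, "CLIENTID", clientId, 256, true);
        checkColumn(problems, "CLIENTSECRET", secret, 256, false);
        checkColumn(problems, "DISPLAYNAME", displayName, 256, true);
        checkColumn(problems, "REDIRECTURI", redirectUri, 2048, false);
        if (redirectUri != null) {
            try {
                URI uri = new URI(redirectUri);
                if (!uri.isAbsolute() || uri.getHost() == null) problems.add("redirect URI must be absolute with a host");
                else if (!"https".equalsIgnoreCase(uri.getScheme())) problems.add("redirect URI should use https");
                if (uri.getRawFragment() != null) problems.add("redirect URI must not contain a fragment");
            } catch (URISyntaxException e) {
                problems.add("redirect URI is not a valid URI: " + e.getReason());
            }
        }
        return problems;
    }
    private static void checkColumn(List<String> problems, String column, String value, int max, boolean required) {
        if (value == null || value.isEmpty()) {
            if (required) problems.add(column + " is required (NOT NULL in the table)");
        } else if (value.getBytes(StandardCharsets.UTF_8).length > max) {
            problems.add(column + " exceeds " + max + " bytes");
        }
    }
    public static void main(String[] args) {
        String secret = newClientSecret(); // the sample values below are constructed
        System.out.println(validate("demo-client", secret, "Demo client", "https://client.example.com/cb"));
        System.out.println(validate("demo-client", secret, "", "http://client.example.com/cb#frag"));
    }
}
```

Only values for which validate returns an empty list would then be passed to the BaseClient constructor shown earlier.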