Keeping things safe is crucial for a project to work well. Mulesoft as a platform, has various rules to make sure things are secure. One important rule is the OAuth 2.0 rule. It only works with Mule's OAuth provider app, which checks if the token in the request is valid. If the token is valid, access to the app is granted.
Mule OAuth 2.0 Provider is a solution developed by MuleSoft. It’s an OAuth provider that can be used in any MuleSoft API Platform organization.
Mule OAuth 2.0 Provider Overview
The Mule OAuth 2.0 Provider is a solution developed by MuleSoft that can be utilized within any MuleSoft API Platform organization.
Steps to Create a Mule OAuth Provider
Step 1: Create a New Mule Project
Open Anypoint Studio and create a new project, e.g., mule-oauth-provider.
Step 2: Add Dependencies in pom.xml
#Mule Oauth provider dependency<dependency>
<groupId>com.mulesoft.modules</groupId>
<artifactId>mule-oauth2-provider-module</artifactId>
<version>1.0.12</version>
<classifier>mule-plugin</classifier>
</dependency>#Object Store dependency
<dependency>
<groupId>org.mule.connectors</groupId>
<artifactId>mule-objectStore-connector</artifactId>
<version>1.2.1</version>
<classifier>mule-plugin</classifier>
</dependency>
Note: version may differ according to latest release.
Step 3 : Create Required Global Elements.
# For storing client information –
Click on the create button and in the filter search for object store.
Now click on Object Store and add values as below.
# For storing token information-
follow the same steps as client_os to create token_os.
# Create a listener configuration as below:-
Create Oauth Provider config:-
1. Go to Global Elements and search for OAuth2 Provider Config
2. Select the config and add below properties:-
Create a listener configuration as specified.
OAuth Provider Configuration
Go to Global Elements and search for OAuth2 Provider Config.
Set the properties:
Listener Config: Use the listener configuration created earlier.
Client Store: Reference the client object store (client_os).
Supported Grant Type: Set to CLIENT_CREDENTIALS.
Path: /token
Token Store: Reference the token object store (token_os).
Step 4: create a flow in which add a listener & Add path as /creatClient
And add create client connector with following details:
name = Create client
config-ref=OAuth2_Provider_Config
clientId = attributes.headers.client_Id
secret = attributes.headers.client_secret
clientName = attributes.headers.client_name
authorizedGrantTypes = CLIENT_CREDENTIALS
fail If Present = true
type = CONFIDENTIAL
Step 5: create another flow for validating the token. Add listener to the source from mule palette , for listener config refer the same as before and give path as /validate .
Step 6: Now put the validate token connector in the flow after the listener and give reference to Oauth2_Provider_Config which we created earlier.
#Now our OAuth Provider API is ready , just deploy it and test it from postman
Creating postman collection
We need to create a client for our application for which we want to create the token.
Create Client: hitting /createClient API
For creating a client send the following details in the headers
Client_id :- Client Id of the client API
Client_secret :- Client secret of the client API
Client_name:- name of the client
Now Generating token for the above client .
Generate token: hitting /token API
For generating the token give the following headers:-
Client_id:- Client ID of the client API
Client_secret:- Client secret of the client API
Grant_type :- CLIENT_CREDENTIALS
(note: Credentials are the same as we used while creating the client in the above request).
Validate Token:- (/Validate)
For Validating the token we need to add Authorization Bearer <<token>> in headers
(note:- The token’s value is the one received from the response to the above /token request.)
This revised guide enhances readability and provides a clear, step-by-step approach to implementing an OAuth provider in MuleSoft.
Kommentare