OAUTH 2.0 IMPLEMENTATION USING MULE OAUTH2 PROVIDER

In this tutorial I will demonstrate how to create a Mule OAuth 2.0 provider using CLIENT_CREDENTIALS as the grant type, deploy it on Mule Runtime, and obtain a bearer token. I will also demonstrate how to apply the OAuth 2.0 Access Token Enforcement policy using the Mule OAuth 2.0 Provider and use the generated token to authenticate calls to a Mule API.

OAuth 2.0

OAuth 2.0 is the industry-standard protocol for authorization. OAuth 2.0 focuses on client developer simplicity while providing specific authorization flows for web applications, desktop applications, mobile phones, and living room devices.

Mule OAuth 2.0 Provider is an OAuth 2.0 provider alternative developed by MuleSoft that can be used in any MuleSoft API Platform organization.

OAuth 2.0 Grant Types

OAuth 2.0 specifies the following grant type methods for requesting a token:

  • AUTHORIZATION_CODE
  • IMPLICIT
  • RESOURCE_OWNER_PASSWORD_CREDENTIALS
  • CLIENT_CREDENTIALS

Create a project in Anypoint Studio

Drag and drop the Create Client operation from the Mule palette and complete the configuration for the OAuth2 Provider Config. (If you do not find the Create Client operation, add the OAuth2 Provider module from Exchange.)


Configure the client object store. To prevent any possible downtime of the Mule OAuth 2.0 Provider due to errors when connecting to Anypoint Platform, the Mule OAuth client store caches each valid client application (client credentials) for which a token is requested.


Set the supported grant types to CLIENT_CREDENTIALS and the path to /token for obtaining the token, and configure the token object store to store the token value. You can configure the token TTL as required; I have kept the default value, and I have left the refresh token strategy at its default, No Refresh Token.


Global elements configuration:


Configure the details for Create Client


The next step is to add an operation to validate the token.

Drag and drop the Validate Token operation from the Mule palette into the same project.


Set the response in Set Payload


Deploy the application on CloudHub. The OAuth provider application is now running successfully; we will use it in the next part to get the access token.


Create a sample Mule application and deploy it on CloudHub.


Now I will register the client as mentioned


The next step is to get the OAuth token.


Pass the token in the header to invoke the Mule API created.


Now I will test the Mule application without passing any OAuth credentials; this returns the error "Access token was not provided".


Now I will test the Mule application with all required parameters.


We applied the policy and retrieved the data successfully.
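
The token request and the API call from the steps above, written out as a client (an added example, not part of the original post or of MuleSoft's code). The URLs, credentials and sample token response are constructed placeholders, and it assumes the provider accepts HTTP Basic client authentication on /token and returns the usual JSON token response.

```python
import base64, json, time, urllib.parse, urllib.request

# Placeholder deployment URLs (assumptions); substitute your own CloudHub apps.
TOKEN_URL = "https://oauth-provider.example.com/token"
API_URL = "https://sample-api.example.com/api/resource"

# Constructed sample of a token endpoint response, used for offline parsing.
SAMPLE_TOKEN_RESPONSE = (
    '{"access_token": "constructed-token-value", '
    '"token_type": "bearer", "expires_in": 86400}')

def build_token_request(client_id, client_secret, token_url=TOKEN_URL):
    """Build the CLIENT_CREDENTIALS token request with HTTP Basic client auth."""
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    body = urllib.parse.urlencode({"grant_type": "client_credentials"}).encode()
    return urllib.request.Request(token_url, data=body, method="POST", headers={
        "Authorization": f"Basic {basic}",
        "Content-Type": "application/x-www-form-urlencoded"})

def parse_token_response(raw, now=None):
    """Return (access_token, expiry as epoch seconds) or raise ValueError."""
    doc = json.loads(raw)
    if "error" in doc:
        raise ValueError(f"token endpoint returned error: {doc['error']}")
    if str(doc.get("token_type", "")).lower() != "bearer":
        raise ValueError("token_type is not bearer")
    if not doc.get("access_token"):
        raise ValueError("response carries no access_token")
    issued = time.time() if now is None else now
    return doc["access_token"], issued + int(doc.get("expires_in", 0))

def build_api_request(access_token, api_url=API_URL):
    """Attach the token as a bearer credential; never send it over plain HTTP."""
    if not api_url.lower().startswith("https://"):
        raise ValueError("refusing to send a bearer token over a non-TLS URL")
    return urllib.request.Request(
        api_url, headers={"Authorization": f"Bearer {access_token}"})

def call_api(client_id, client_secret):
    """Full exchange against live endpoints: get a token, then call the API."""
    with urllib.request.urlopen(build_token_request(client_id, client_secret)) as r:
        token, _ = parse_token_response(r.read())
    with urllib.request.urlopen(build_api_request(token)) as r:
        return r.status, r.read()
```

Tracking the expiry returned by `parse_token_response` lets a client reuse one token until the TTL configured on the provider runs out instead of requesting a new token for every call.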

Thank you for taking out time to read the above post. Hope you found it useful. In case of any questions, feel free to comment below. Also, if you are keen on knowing about a specific topic, happy to explore your recommendations as well.
