Exposing the AEM resources through OAuth - Adobe Experience Manager(AEM)
This post will explain the approach to expose the resources through OAuth in Adobe Experience Manager(AEM).Refer https://www.albinsblog.com/2017/05/how-to-get-basic-profile-details-of-user-through-oauth.html for the basic configurations to expose the the resources thorough OAuth.
Exposing /etc/designs/geometrixx/static.css through OAuth
Configure the "Allowed Scope" as "/etc/designs/geometrixx"(based on the resource that should be exposed) in "Adobe Granite OAuth Resource Server"
The OAuth Authentication handler is not enabled by default and it looks to be an product defect.
Save the configurations(without any change) of "Adobe Granite OAuth Server Authentication Handler" to enable the handler (Perform the same step for previous post also)
Authorize the user:
http://localhost:4502/libs/granite/oauth/content/authorization.html?client_id=fjgsnsbnlqgp5l3ck67oseb0f9-eucn-1ub&scope=/etc/designs/geometrixx&redirect_uri=http:__localhost:8080/testReceive the access token using the code received:
curl -H "Content-Type: application/x-www-form-urlencoded" -d "code=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJmamdzbnNibmxxZ3A1bDNjazY3b3NlYjBmOS1ldWNuLTF1YiIsInN1YiI6ImFkbWluIiwiZXhwIjoxNDk5MjkyNzQ0LCJpYXQiOjE0OTkyOTIxNDQsInNjb3BlIjoiL2V0Yy9kZXNpZ25zL2dlb21ldHJpeHgifQ.5ex1DvYLhYdoKjUvpscbyUpL5CWc02gjcpyPMJAPpMs&grant_type=authorization_code&redirect_uri=http://localhost:8080/test&client_id=fjgsnsbnlqgp5l3ck67oseb0f9-eucn-1ub&client_secret=r83jf37qc2jj4ggo8hmhcoqcc8" http://localhost:4502/oauth/tokenReceive the Resource using the access token received:
curl -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJmamdzbnNibmxxZ3A1bDNjazY3b3NlYjBmOS1ldWNuLTF1YiIsImlzcyI6IkFkb2JlIEdyYW5pdGUiLCJzdWIiOiJhZG1pbiIsImV4cCI6MTQ5OTI5NTc4NywiaWF0IjoxNDk5MjkyMTg3LCJzY29wZSI6Ii9ldGMvZGVzaWducy9nZW9tZXRyaXh4In0.LfZxnZTL38bqHJaVJvcraLzaBu5axfdhuVQz7WFGLoE" http://localhost:4502/etc/designs/geometrixx/static.cssThe below step should be followed for publisher(assuming anonymous access is enabled) - Enable the authentication for the resource /etc/designs/geometrixx
Hi Albin,
ReplyDeleteCan you explain a simple use-case where in you want to expose an AEM resource using oAuth?, because as per my understanding we get resource from REST/SOAP APIs protected by oAuth.
Thanks,
Sumanth
What I am understanding is you are mimicing the job which is done by REST APIs/Services, through AEM SLING rest webservices instead, the resource you get from AEM is always static, wherein I don't understand the use of it.
ReplyDeleteResource can be anything static or dynamic including API'S.
DeleteRegards
Albin I
This comment has been removed by the author.
DeleteGood one... (y)
Delete