How to handle route access using OAuth2 with Micronaut?
I am working on a web project that uses OAuth2 to authenticate users. So the web client will send an Authorization header with a Bearer token to my Micronaut API.
To check if the token is valid, I was planning on calling this API: https://developer.okta.com/docs/api/openapi/okta-oauth/oauth/tag/OrgAS/#tag/OrgAS/operation/userinfo
If the 3rd party authenticator returns the user profile, then I assume the token is valid; if I get a 401 then it's not. I was thinking of using a hand made HttpServerFilter, but some of my teammates are more into using Micronaut Security package: https://micronaut-projects.github.io/micronaut-security/latest/guide/
I'm confused about what's the proper way. Any suggestion?
3 Replies
⌛ This post has been reserved for your question.
Hey @Elfayeur! Please useTIP: Narrow down your issue to simple and precise questions to maximize the chance that others will reply in here./closeor theClose Postbutton above when your problem is solved. Please remember to follow the help guidelines. This post will be automatically marked as dormant after 300 minutes of inactivity.
💤 Post marked as dormant
This post has been inactive for over 300 minutes, thus, it has been archived.
If your question was not answered yet, feel free to re-open this post or create a new one.
In case your post is not getting any attention, you can try to use /help ping.
Warning: abusing this will result in moderative actions taken against you.Ping
💤 Post marked as dormant
This post has been inactive for over 300 minutes, thus, it has been archived.
If your question was not answered yet, feel free to re-open this post or create a new one.
In case your post is not getting any attention, you can try to use /help ping.
Warning: abusing this will result in moderative actions taken against you.