SOFA - Simple OAuth 2.0 Framework for Authentication (Freeware)

This class implements a small and easy to use framework to support Java applications with OAuth 2.0 for machine-to-machine (M2M) or service-to-service authentication.

Free Download

Example code (Microsoft 365 Authentication)

import ch.k43.tools.SOFA;

public class SOFATest {

   public static void main(String[] args) {

      // Create SOFA object
      SOFA sofa = new SOFA(
         "https://login.microsoftonline.com/xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx/oauth2/v2.0/token",   // Authorization Server with Azure Tenant ID
         "https://outlook.office365.com/.default");						  // Authentication Scope
		
      // Authenticate with client credentials
      if (!sofa.authenticateWithClientCredentials(
         "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa",					          // Client ID (Application ID)
         "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")) {						  // Client secret (Value)
         System.out.println("Authentication failed <" + sofa.getErrorMessage() + ">");
         return;
      };

      // Show the ready-to-use HTTP request header
      System.out.println("HTTP Header <" + sofa.getHttpAuthorizationHeader() + ">");
   }
}

Console Output

HTTP Header <Authorization: Bearer ey...jw>

Key Points

• Requires Java version 1.8 or higher.

• Uses plain HTTP protocol to implement OAuth 2.0 client calls. Only grant types which do not require any user interactions are supported (client_credentials and password).

• Once authenticated at the OAuth 2.0 authorization server, getAccessToken() returns the current access token or transparently calls the authorization server to obtain a new access token, if it is expired.

• All confidential data used in this class is stored in temporary, volatile memory (RAM) protected by AES-256 encryption.

Author

This framework was created to help implementing projects which required the use of OAuth 2.0 authentication. If you encounter any issue or if you have a suggestion, please let me know.

Freeware / Unlicense

Credits