Simple OAuth 2.0 Framework for Authentication (SOFA)

"SOFA: As comfortable as a sofa"

This class implements a small and easy to use framework to support Java applications with OAuth 2.0 for machine-to-machine (M2M) or service-to-service authentication.

Example code

import ch.k43.tools.SOFA;
​
public class SOFATest {
​
public static void main(String[] args) {
​
// Create SOFA object
SOFA sofa = new SOFA(
"https://login.microsoftonline.com/xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx/oauth2/v2.0/token", // Authorization Server with Azure Tenant ID
"https://graph.microsoft.com/.default"); // Authentication Scope
// Authenticate with client credentials
if (!sofa.authenticateWithClientCredentials(
"aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa", // Client ID (Application ID)
"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")) { // Client secret (Value)
System.out.println("Authentication failed <" + sofa.getErrorMessage() + ">");
return;
};
​
// Show the ready-to-use HTTP request header
System.out.println("HTTP Header <" + sofa.getHttpAuthorizationHeader() + ">");
}
}

Console Output

HTTP Header <Authorization: Bearer ey...jw>

Key Points

  • Requires Java version 1.8 or higher.
  • Uses direct HTTP protocol to implement OAuth 2.0 client calls. Only grant types which do not require any user interactions are supported (client_credentials and password).
  • Once authenticated at the OAuth 2.0 authorization server, getAccessToken() returns the current access token or a new one, if the access token has expired.
  • All confidential data used in this class is stored in temporary, volatile memory (RAM) protected by AES-256 encryption.
  • The Java Logger framework is supported by writing log entries with Level.FINE and Level.WARNING. Logging is enabled by adding a configuration file SOFA-Logging.properties which is read from the current directory (see Logging / Debugging). No confidential data is written to the log.
Use this class only in trusted environments, since the calling application need to pass confidential data (e.g. client secret and/or user password) to the SOFA class for authentication.

Author

This framework was created to help implementing projects which required the use of OAuth 2.0 authentication. If you encounter any issue or if you have a suggestion, please let me know.
You may contact me thru my email address [email protected].

Freeware / Unlicense

SOFA is freeware and unlicensed. It was created with love and passion in the beautiful country of πŸ‡¨πŸ‡­ Switzerland. This software shall be used for Good not Evil. As far as I know, no animal was harmed in the making of this software 😊

Credits

Photo by Konstantin Evdokimov on Unsplash​
Last modified 6mo ago
Copy link
On this page
"SOFA: As comfortable as a sofa"
Author
Freeware / Unlicense
Credits