# SOFA - Simple OAuth 2.0 Framework for Authentication (Freeware)

This class implements a small, easy-to-use framework that adds OAuth 2.0 machine-to-machine (M2M) or service-to-service authentication to Java applications.

<a href="quick-start/downloads" class="button primary">Free Download</a>

{% hint style="info" %}
Follow development on Mastodon at [#JavaSOFA](https://swiss.social/tags/javasofa)
{% endhint %}

#### Example code (Microsoft 365 Authentication)

```java
import ch.k43.tools.SOFA;

public class SOFATest {

   public static void main(String[] args) {

      // Create SOFA object
      SOFA sofa = new SOFA(
         "https://login.microsoftonline.com/xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx/oauth2/v2.0/token",   // Authorization Server with Azure Tenant ID
         "https://outlook.office365.com/.default");                                               // Authentication Scope

      // Authenticate with client credentials
      if (!sofa.authenticateWithClientCredentials(
         "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa",                                                  // Client ID (Application ID)
         "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")) {                                               // Client secret (Value)
         System.out.println("Authentication failed <" + sofa.getErrorMessage() + ">");
         return;
      }

      // Show the ready-to-use HTTP request header
      System.out.println("HTTP Header <" + sofa.getHttpAuthorizationHeader() + ">");
   }
}
```

#### **Console Output**

```
HTTP Header <Authorization: Bearer ey...jw>
```

#### Key Points

* Requires Java version 1.8 or higher.
* Uses the plain HTTP protocol to implement the OAuth 2.0 client calls. Only grant types that do not require any user interaction are supported (`client_credentials` and `password`).
* Once authenticated at the OAuth 2.0 authorization server, `getAccessToken()` returns the current access token or, if it has expired, transparently calls the authorization server to obtain a new one.
* All confidential data used in this class is stored in temporary, volatile memory (RAM) protected by AES-256 encryption.
* The standard Java Logger framework (not Apache Log4j) is supported: log entries are written with `Level.FINE` and `Level.WARNING`. Logging is enabled by adding a configuration file `SOFA-Logging.properties`, which is read from the current directory (see [Logging / Debugging](https://sofa.k43.ch/quick-start/logging-debugging)). No confidential data is written to the log.

{% hint style="warning" %}
Use this class only in trusted environments, since the calling application needs to pass confidential data (e.g. client secret and/or user password) to the SOFA class for authentication.
{% endhint %}
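
One way to keep the client secret out of the source code when calling SOFA as in the example above. This is an added example, not part of the SOFA distribution: the environment variable names and the resource URL are hypothetical, and `getAccessToken()` is assumed to return the token as a `String`.

```java
import ch.k43.tools.SOFA;

import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URL;

public class SOFAEnvExample {

   // Read a required setting from the environment (variable names are assumptions of this example)
   private static String requireEnv(String name) {
      String value = System.getenv(name);
      if (value == null || value.trim().isEmpty()) {
         throw new IllegalStateException("Missing environment variable " + name);
      }
      return value;
   }

   public static void main(String[] args) throws IOException {

      // Token endpoint and scope as in the example above, but supplied at deployment time
      SOFA sofa = new SOFA(requireEnv("OAUTH_TOKEN_URL"), requireEnv("OAUTH_SCOPE"));

      // Client secret comes from the environment, never from source code or version control
      if (!sofa.authenticateWithClientCredentials(
            requireEnv("OAUTH_CLIENT_ID"),
            requireEnv("OAUTH_CLIENT_SECRET"))) {
         System.err.println("Authentication failed <" + sofa.getErrorMessage() + ">");
         System.exit(1);
      }

      // Hypothetical protected resource; refuse to send the bearer token over cleartext HTTP
      URL resource = new URL(requireEnv("RESOURCE_URL"));
      if (!"https".equalsIgnoreCase(resource.getProtocol())) {
         throw new IllegalStateException("Refusing to send a bearer token to a non-HTTPS URL");
      }

      // getAccessToken() is assumed to return the token as a String (renewed by SOFA when expired)
      HttpURLConnection connection = (HttpURLConnection) resource.openConnection();
      connection.setInstanceFollowRedirects(false);   // do not follow redirects while carrying the token
      connection.setRequestProperty("Authorization", "Bearer " + sofa.getAccessToken());

      // Log only the status code, never the token or the Authorization header
      System.out.println("HTTP status <" + connection.getResponseCode() + ">");
      connection.disconnect();
   }
}
```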

### **Author**

This framework was created to help implement projects that require OAuth 2.0 authentication. If you encounter any issues or have a suggestion, please let me know.

You may contact me via my email address <andy.brunner@k43.ch>.

### **Freeware / Unlicense**

SOFA is [freeware](https://en.wikipedia.org/wiki/Freeware) and [unlicensed](https://en.wikipedia.org/wiki/Unlicense). It was created with love and passion in the beautiful country of 🇨🇭 Switzerland. This software shall be used for Good not Evil. As far as I know, no animal was harmed in the making of this software 😊

### **Credits**

Photo by [Konstantin Evdokimov](https://unsplash.com/@constantinevdokimov?utm_source=unsplash\&utm_medium=referral\&utm_content=creditCopyText) on [Unsplash](https://unsplash.com/s/photos/key?utm_source=unsplash\&utm_medium=referral\&utm_content=creditCopyText)
