Nuxeo Java Client handles these authentication methods:
- basic authentication via
BasicAuthInterceptor
- portal SSO authentication via
PortalSSOAuthInterceptor
- token authentication via
TokenAuthInterceptor
- OAuth2 authentication via
OAuth2AuthInterceptor
Basic Authentication
The default authentication method is the basic authentication. Client builder has a convenient method to configure Nuxeo Java Client with a basic authentication:
new NuxeoClient.Builder().authentication("Administrator", "Administrator");
Whose equivalent is:
new NuxeoClient.Builder().authentication(new BasicAuthInterceptor("Administrator", "Administrator"));
Portal SSO Authentication
Once Portal SSO authentication has been activated on your Nuxeo server you can use this method to connect the Java client with:
new NuxeoClient.Builder().authentication(new PortalSSOAuthInterceptor("Administrator", "nuxeo5secretkey"));
Token Authentication
Token authentication is enabled by default on Nuxeo server, to use it in Java client:
new NuxeoClient.Builder().authentication(new TokenAuthInterceptor("nuxeoToken"));
Token obtention is not implemented in java client and should be done by following this documentation.
JWT Authentication
JWT authentication can be enabled on Nuxeo server if you set up a secret with nuxeo.jwt.secret
in your nuxeo.conf, to use it in java client:
new NuxeoClient.Builder().authentication(new JWTAuthInterceptor("nuxeoToken"));
There's currently no way to obtain a JWT token through built-in REST API.
OAuth 2 Authentication
OAuth 2 authentication is enabled by default on Nuxeo server, you just need to create an OAuth 2 Client in Nuxeo, see Nuxeo - OAuth2 Client Registration.
Once you have your clientId
and clientSecret
you need to implement an OAuth 2 Grant Flow in your application to retrieve an authentication code. With this code you can setup the OAuth 2 authentication in the Java client with:
new NuxeoClient.Builder().authentication(
OAuth2AuthInterceptor.obtainAuthFromAuthorizationCode("http://localhost:8080/nuxeo", clientId, authCode));
// or if you have set up a client with a clientSecret
new NuxeoClient.Builder().authentication(
OAuth2AuthInterceptor.obtainAuthFromAuthorizationCode("http://localhost:8080/nuxeo", clientId, clientSecret, authCode));
After that, your client will be able to access Nuxeo using OAuth 2 and it will refresh the OAuth 2 token if needed.
Implement Your Own
By design, Nuxeo Java Client leverages OkHttp
Interceptor
interface to handle authentication between client and server.
This is what expect the method: NuxeoClient.Builder#authentication(Interceptor)
.
You just need to implement one method which will be responsible to inject the appropriate header:
public class MyAuthInterceptor implements Interceptor {
protected String token;
public MyAuthInterceptor(String token) {
this.token = token;
}
@Override
public Response intercept(Chain chain) throws IOException {
Request request = chain.request() // get the request
.newBuilder() // create a new builder from it
.addHeader("MY-HEADER", token) // add header
.build(); // finally build request
return chain.proceed(request);
}
}
Then you can use it:
new NuxeoClient.Builder().authentication(new MyAuthInterceptor("mySuperToken"));