How to use/enable OAuth2 in Spring Cloud Stream to connect to Solace broker?

I have implemented spring cloud solace binder to consume messages from Solace Queue.

I am using Azure OAuth and registered the app as well as enabled OAuth on the solace broker.

I am having a hard time finding OAuth properties to connect to the Solace binder.

I referred to various dev tutorials and could only find the below properties with basic auth.

binders:
  local-solace:
    type: solace
    environment:
      solace:
        java:
          host: tcp://localhost:55555
          msgVpn: default
          clientUsername: default
          clientPassword: default


Answers

  • marc
    marc Member, Administrator, Moderator, Employee Posts: 955 admin

    Hi @chatumoh,

    Solace's Spring Cloud Stream binder uses our Spring Boot JCSMP starter to connect to the broker so you can set any properties defined here: https://github.com/SolaceProducts/solace-spring-boot/tree/master/solace-spring-boot-starters/solace-java-spring-boot-starter#updating-your-application-properties

    In the case of OAUTH you'll want to set JCSMPProperties.AUTHENTICATION_SCHEME to JCSMPProperties.AUTHENTICATION_SCHEME_OAUTH, JCSMPProperties.OAUTH2_ACCESS_TOKEN, and JCSMPProperties.OAUTH2_ISSUER_IDENTIFIER, which can all be set under solace.java.apiProperties.


    Hope that helps!

  • chatumoh
    chatumoh Member Posts: 7
    edited April 2023 #3

    @marc I did explore JCSMPProperties and added them to my project under solace.java.apiProperties.

    I see JCSMPProperties.OAUTH2_ACCESS_TOKEN expects the token value, when I set JCSMPProperties.AUTHENTICATION_SCHEME to AUTHENTICATION_SCHEME_OAUTH2, retrieved from the token endpoint of the auth provider, which is Azure in my case.

    But I am wondering if session handling, i.e. injecting a new access token and requesting one when expired, would be implicitly handled by SpringJCSMPFactory once the client / Solace consumer is connected to the binder, or how do I manage it on my own in the app?

    Also, JCSMPProperties.AUTHENTICATION_SCHEME: AUTHENTICATION_SCHEME_OAUTH2 is only supported since v3.4, and I am getting an error that AUTHENTICATION_SCHEME_BASIC, AUTHENTICATION_SCHEME_CLIENT_CERTIFICATE, AUTHENTICATION_SCHEME_GSS_KRB are the only supported schemes for Solace binder versions lower than v3.4. How can I connect to the Solace binder with OAuth2 for a lower version, e.g. v3.2?

  • bharathkumarkoya
    bharathkumarkoya Member Posts: 1

    Hi, I'm trying to implement the same. Have you found a solution for injecting the access token and requesting one when expired?

  • marc
    marc Member, Administrator, Moderator, Employee Posts: 955 admin

    Hi @bharathkumarkoya and @chatumoh,

    First off, sorry @chatumoh for not getting back to you. I was OOO for a while and this slipped through the cracks.

    But I have good news: the engineering team is currently working on several improvements in this area that will be included in the next release for both the solace-spring-boot and solace-spring-cloud offerings. This will include OAuth token refresh. You can see the work is already underway on the Spring Boot side with the PR below being opened today. More things are being worked on, including ensuring the Cloud Stream binder supports OAuth with multiple binders at once. I would expect these releases to happen in August. They could even sneak into late July, so keep your eyes out for the next release :)

    You can see the PR here: https://github.com/SolaceProducts/solace-spring-boot/pull/133

    Hope that helps!

  • mpatel
    mpatel Member, Employee Posts: 5 Solace Employee
    edited August 1 #6

    The OAuth2 client_credentials grant type support in Solace SCSt Binder is released with v4.3.0 and higher. https://github.com/SolaceProducts/solace-spring-cloud/releases/tag/4.3.0

    The documentation actually points to the solace-java-spring-boot-starter documentation.

    You may also like to check the integration test for example usage.

    FYI, @chatumoh and @bharathkumarkoya
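
The question's binder configuration with the OAuth properties from marc's first answer placed under solace.java.apiProperties, as an added example that is not from the thread or the Solace project. The key and value spellings follow the names used in the thread; the tcps:// host and port and the two environment variable names are assumptions.

```yaml
# Added example: placeholder values are constructed, not taken from the thread.
spring:
  cloud:
    stream:
      binders:
        local-solace:
          type: solace
          environment:
            solace:
              java:
                # Assumption: a TLS listener, so the bearer token is not sent in clear text.
                host: tcps://localhost:55443
                msgVpn: default
                # The basic-auth clientUsername / clientPassword from the question are dropped.
                apiProperties:
                  AUTHENTICATION_SCHEME: AUTHENTICATION_SCHEME_OAUTH2
                  # Hypothetical variable names: keep the token out of the file and
                  # inject it from the environment or a secret store at startup.
                  OAUTH2_ACCESS_TOKEN: ${SOLACE_OAUTH2_ACCESS_TOKEN}
                  OAUTH2_ISSUER_IDENTIFIER: ${SOLACE_OAUTH2_ISSUER}
```

A token supplied this way is read once at startup, so the application has to obtain a fresh one itself before expiry; the later replies in the thread point to binder v4.3.0 and higher for client_credentials support.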