The Mule4 HTTP connector only supports OAuth 2.0 (when using Anypoint Studio).
We need to call Third-Party APIs (from Mule flow) that requires OAuth 1.0 (HMAC-SHA1 signature method). Is there an available connector that we can use?
The Mule 4 HTTP connector supports only the following OAuth 2 methods:
OAuth2 - Authorization Code
OAuth2 - Client Credentials
An alternative could be to disable the built-in authentication methods and implement the HMAC-SHA1 signing yourself in the flow. Mule 4.2.x provides a DataWeave HMACWith() function that could be used to generate the signature.
Related
I have implemented OAUTH 2.0 authentication with MSAL libraries as below.
clientApplication.getAuthorizationRequestUrl(parameters).toString(); to invoke authorization endpoint and
clientApplication.acquireToken(authorizationCodeParameters) to aquire token from authorization code.
Now I have to implement the same flow for SAML V2.0 protocol too and need some help from the Microsoft team in finding related libraries with which I can invoke /saml2/ endpoint and fetch saml assertions.
I'm using Spring boot 2.2.
Thanks in advance
There are no official Microsoft SAML libraries.
There is a list of client-side libraries.
I have an existing ASP.NET Core API with its Swagger supporting JWT bearer token authentication from an AAD (mono-tenant).
This API supports both user and client credentials JWT tokens.
I am trying to create and use a logic app custom connector to use my API but I cannot find a way to make the client credentials authentication work.
It seems I can edit the swagger file to use the 'application' flow but it does not seems to be correctly supported.
securityDefinitions:
oauth2_auth:
type: oauth2
flow: application
tokenUrl: https://login.microsoftonline.com/xxxxxxx/oauth2/v2.0/token
scopes: {.default: .default}
Are client credentials supported from the logic app connector without custom logic in the logic app flow ? (I cannot find anything about supported scenarios in the docs)
In order to use the credentials in a standard connector, you need to switch to Active Directory OAuth. And then fill in the client credentials. If you are about to use Microsoft Graph, make sure to specify the Audience as well.
For more details, you could refer to this article.
I need to implement SSO for a legacy application built in java 1.6 and spring framework 3.1.2 using SAML2.0. I have already implemented SSO using SAML2.0 with the latest spring-boot. Is it possible to implement SSO without using springboot.
Spring is essentially a SAML client-side library.
There are others.
In the Java world, OpenSAML is a possible option.
We have upgraded Identityserver3 to Identityserver4 and we are using IdentityServer3.AccessTokenValidation in API endpoints to verify jwt tokens.
After the upgrade we are unable to verify tokens issued by IdentityServer3.
We are able to use IdentityServer4.AccessTokenValidation by using the option LegacyAudienceValidation = true; to support tokens from Identityserver3 and Identityserver4.
IdentityServer4.AccessTokenValidation is based on .NET Core which we are not using. It is not an option to upgrade all our API endpoints to .NET Core and we need to be able to support Identityserver3 issued tokens.
How can we enable our existing API endpoint to support tokens issued by identityserver3 and identityserver4. Most of our API endpoints are based on Microsoft OWIN and .NET Framework 4.5.1.
The Mule community documentation http://www.mulesoft.org/documentation/display/current/Authentication only refers to Basic, OAuth1 & OAuth2 authentication methods when connecting to an API endpoint. Is there an "out of the box" method to authenticate against an API end point using Active-Directory/Kerberos?
Mule works fine with Spring Security, so you can configure authenticationManager bean with ldap.
http://www.mulesoft.org/documentation/display/current/Configuring+the+Spring+Security+Manager
http://www.mulesoft.org/documentation/display/current/Setting+up+LDAP+Provider+for+Spring+Security