https://kotlinlang.org logo
#ktor
Title
# ktor
s

Sam

01/22/2021, 10:08 PM
Is it possible to secure an api endpoint using OAuth and Ktor? I’m trying to use Postman to call my endpoint but Kto keeps trying to redirect to my OAuth server to request a token. I have the Bearer token setup in Postman and it is sending it along in the POST request. Setup details in thread ->
My setup is installing an OAuth Authentication handler.
Copy code
install(Authentication) {
        oauth {
            client = oauthHttpClient
            providerLookup = {
                OAuthServerSettings.OAuth2ServerSettings(
                    name = "myOAuthServer",
                    authorizeUrl = "<https://myoauthserver/auth>",
                    accessTokenUrl = "<https://myoauthserver/token>",
                    clientId = "myClientID",
                    clientSecret = ""
                )
            }
            urlProvider = { _ ->
                "/"
            }
        }
    }
In my route setup I have:
Copy code
routing {
        authenticate {
            post("/submit") {
                ...
            }
        }
  }
What I’m seeing while debugging is that it is trying to execute an OAuth callback routine to extract a code from the url. Failing that it redirects the client to get a code from the OAuth server.
4 Views