JWT with OAuth 2.0 is pretty awesome. You can vali...
# serverb
bdawg.io
12/29/2017, 11:15 PMJWT with OAuth 2.0 is pretty awesome. You can validate the JWT is legit even before hitting the database with a user lookup
d
damian
12/29/2017, 11:17 PMdo you have an example on github? (in kotlin or even with ktor?)
b
bdawg.io
12/29/2017, 11:36 PMI don’t use either. But here’s a talk that discusses API security including OAuth 2.0 with JWT for the access tokens
bdawg.io
12/29/2017, 11:47 PMThere’s some good content in between the 85% of rants
k
kenkyee
12/29/2017, 11:58 PMWorks fine with spring boot or vert.x with Kotlin...and yes, it's the standard. All new apps should use it...
d
dave
12/30/2017, 9:09 AMThe trick here is that, like X-B3 request tracing headers, encrypted JWT tokens can be passed from service to service transparently without messing up your APIs - you need a way of making that "request context" available to both incoming middleware and outgoing http clients.
8 Views