Contact Free trial Login

Mule OAuth 2.0 Client Store Configuration

Mule OAuth 2.0 Client Store allows the Mule OAuth 2.0 Provider to use Anypoint Client Applications for token generation.

This feature is available for Mule 4.2.0 and later.

Prerequisites

The Mule runtime engine hosting the Mule OAuth 2.0 Provider must meet two requirements:

OAuth 2.0 Client Store Properties

The Object Store has two configurable properties:

anypoint.oauth_provider.cache_persistence_enabled Defines whether the caching mechanism should persist locally. The default value is true if the property is not set or cannot be parsed. Cache persistence allows client authorization without connection to Anypoint Platform.

anypoint.oauth_provider.cache_ttl_days

Represents how many days each Client Application should be cached by the OAuth Server. This value can be any positive floating point number. The default value is 30, representing 30 days.

Usage

To set the Mule OAuth Client Store in your OAuth Provider, use the following Object Store in the clientStore parameter of the oauth-provider:config element.

...
    <mule xmlns:os="http://www.mulesoft.org/schema/mule/os"
      xmlns:agw-client-store="http://www.mulesoft.org/schema/mule/agw-client-store"
      xsi:schemaLocation="
        http://www.mulesoft.org/schema/mule/agw-client-store http://www.mulesoft.org/schema/mule/agw-client-store/current/mule-agw-client-store.xsd
        http://www.mulesoft.org/schema/mule/os http://www.mulesoft.org/schema/mule/os/current/mule-os.xsd">

    <os:config name="agwConfig">
        <agw-client-store:connection/>
    </os:config>

    <os:object-store name="clientObjectStore" config-ref="agwConfig"/>
...

Remember that the following dependency must be added to the project, and that the application min Mule version must be 4.2.0 or higher.

...
    <dependency>
        <groupId>com.mulesoft.anypoint</groupId>
        <artifactId>api-gateway-oauth2-client-store</artifactId>
        <version>1.0.0</version>
        <classifier>mule-plugin</classifier>
    </dependency>
...

Token Cache

To prevent downtime of the Mule OAuth 2.0 provider due to errors when connecting to the platform, the Mule OAuth Client Store caches each valid Client Application for which a token is requested. If the Mule OAuth 2.0 provider requests a new token while there is no connection, the OAuth 2.0 Client Store fallbacks to the cache. The expiration of its entries has a default of 30 days. Additionally, you can configure this range, and even set it to persist the cache locally to ensure service availability in case of a restart or lack of connection to the platform. In case a Client Application for which a token already exists in the Client Store is removed from Anypoint Platform, on the next token request, the Client Store will remove the Client from the cache, mirroring the platform status.