Nav

To Build a Mule OAuth 2 Provider

To use the OAuth 2.0 Access Token Enforcement Using External Provider policy, you need an external OAuth 2.0 provider. One of the following external identity providers are recommended:

  • PingFederate

  • OpenAM

You can also download and import a custom Mule OAuth provider, developed by MuleSoft Consulting, into Anypoint Studio. In Studio, you build the sample provider, and then you run the provider to authenticate credentials against a security service.

In the Mule OAuth provider, you need to configure the credentials, for example the client ID and client secret of the Anypoint Platform organization in which you register the managed API.

Build an external (Mule) OAuth provider application on one of the following installations:

  • Mule 3.8.0 runtime or later

  • API Gateway runtime 2.0 or earlier

    To build the provider on API Gateway runtime 2.0 or earlier, download the Gateway Runtime 2.0 version of the External OAuth 2.0 server for Anypoint Platform from Exchange.

Use the following software and steps in this procedure:

  • Anypoint Studio 6.x with Mule Runtime EE 3.8 or later

  • Java JDK 1.8

  • Maven 3.3.9

To build the provider on Mule Runtime 3.8.x:

  1. Set up credentials in the Mule EE Repository. Create or add to the Maven settings.xml file. For example, on Linux ~/.m2/settings.xml:

    
                
             
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    
    <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
                              https://maven.apache.org/xsd/settings-1.0.0.xsd">
    ...
      <servers>
        <server>
          <id>MuleRepository</id>
          <username>mule.username</username>
          <password>mule.password</password>
        </server>
      </servers>
    ...
      <profiles>
        <profile>
          <id>Mule</id>
          <activation>
            <activeByDefault>true</activeByDefault>
          </activation>
          <repositories>
            <repository>
              <id>MuleRepository</id>
              <name>MuleRepository</name>
              <url>https://repository.mulesoft.org/nexus-ee/content/repositories/releases-ee/</url>
    ...
            </repository>
          </repositories>
        </profile>
      </profiles>
      <activeProfiles/>
    </settings>
  2. Download the OAuthProviderStudioArchive.

  3. Launch Studio, and choose File > Import.

    The Select dialog appears.

  4. Expand Anypoint Studio and select Anypoint Studio generated Deployable Archive.

  5. Browse to the OAuthProviderStudioArchive.zip you downloaded, and click Finish.

  6. Log into your Anypoint platform account.

  7. Access the client ID and client secret of the account you are using to create the provider application.

  8. Enter your client Id and client Secret in Anypoint Studio > Preferences > Anypoint Studio > Anypoint Platform for APIs. Alternatively, if you use the Mule command line, start Mule as follows:

    ${MULE_HOME}/bin/mule -M-Danypoint.platform.client_id=client_ID -M-Danypoint.platform.client_secret=client_secret start

    This step is necessary to [test the local provider].

  9. In Project Explorer, select the project name oauth2-cust-provider, right-click, and select Run As > Mule Application with Maven.

    The Configure Maven dialog appears.

  10. Enter your Maven installation home directory, and click Test Maven Configuration.

    Assuming the test was successful, click OK; otherwise, troubleshoot the Maven problem.

    The console reports that the app deployed. Next, test the local provider.

In this topic: