Implementation of a component to manage authorization for a web application
(2021) EITL05 20212, Department of Electrical and Information Technology
- Abstract (Swedish original, translated to English)
- This degree project was carried out in collaboration with Klarna in Giessen with the aim of developing a component for a part of a web application that handles authentication. The component was to interact with the authorization service provided by Okta, using the correct authorization flow, as a solution for controlling permitted use of the web application. The work began with an investigation of the web application, the underlying code and the security measures in place at the time. Thereafter, the different types of authorization flows that Okta supported were evaluated. The component was built in the programming language Java together with the Spring framework and consisted of three classes:
- a REST API with an endpoint to which Okta transfers the essential information after a successful login via Okta's portal.
- a class that handles all logic concerning authorization.
- a class that translates all responses from Okta's API into usable objects.
The "Authorization code flow" was the flow ultimately used in the component, together with logic for both access tokens and refresh tokens.
- This thesis was written in collaboration with Klarna in Giessen with the purpose of developing a component to deal with authentication in a web application. The component is intended to interact with the authorization service from Okta using the correct type of authorization flow to allow or disallow access to the web application's resources. First, knowledge was gathered regarding the web application, its underlying code and the security measures in place at the time. Then, the different types of authorization flows that Okta supported at the time were evaluated. The component was built with the programming language Java together with the Spring framework and consisted of three classes:
- one REST API with an endpoint to which Okta sends the required data in case of a successful login via Okta's portal.
- one class that manages all the logic for authorization.
- one helper class that translates the response from Okta's API into usable Java objects.
Authorization code flow was implemented in this solution together with logic for both access and refresh tokens.
Please use this url to cite or link to this publication:
http://lup.lub.lu.se/student-papers/record/9069204
- author
- Paulsen, Victor Kai Oscar LU
- supervisor
- organization
- course
- EITL05 20212
- year
- 2021
- type
- M2 - Bachelor Degree
- subject
- keywords
- SSO, Auth, Spring Boot, Okta, Web Application, Security, OAuth2.0, OIDC, Authorization code flow, API.
- report number
- LU/LTH-EIT 2021-854
- language
- English
- id
- 9069204
- date added to LUP
- 2022-01-04 10:51:36
- date last changed
- 2022-01-04 10:51:36
@misc{9069204, abstract = {{This thesis was written in collaboration with Klarna in Giessen with the purpose of developing a component to deal with authentication in a web application. The component is intended to interact with the authorization service from Okta with the correct type of authorization flow to allow or disallow access to the web application’s resources. At first, knowledge was gathered regarding the web application, the underlying code and its current safety measurements. Then, different types of authorization flows that Okta was supporting at the time were evaluated. The component was built with the programming language Java together with the framework Spring and consisted of three classes: - one REST API with an endpoint to which Okta sends the required data in case of a successful login via Okta’s portal. - one class that manages all the logic for authorization. - one helper class that translates the response from Okta’s API into usable Java objects. Authorization code flow was implemented in this solution together with logic for both access and refresh tokens.}}, author = {{Paulsen, Victor Kai Oscar}}, language = {{eng}}, note = {{Student Paper}}, title = {{Implementation of a component to manage authorization for a web application}}, year = {{2021}}, }