Microservices Classroomnotes 11/Jan/2022

Identity in our microservices application

  • As of now we have built two microservices:
      • Catalog service
      • Basket service
  • We need to add some more services:
      • Order Service
      • Payment Service
  • We need to build a web application which will internally access these microservices, and we can also extend this to a mobile app.
  • We need a service which will authenticate the user. There are also inter-service communications, which need to be authenticated as well.
  • For this we need an identity service which will handle authentication and authorization for users and also for services, to establish secure communications.
  • Let's try to understand the OAuth2 and OIDC (OpenID Connect) specifications
  • OAUTH2 Spec Refer Here
  • OIDC Spec Refer Here

OAuth 2.0

  • OAuth is used for authorization between services
  • To understand OAuth better, refer to the classroom video, where we have used the resume building website as an example
  • OAuth Terminologies
      • Resource => Protected Resource
      • Resource Owner
      • Resource Server => Server that is hosting Protected Resources
      • Client => An application trying to access the Protected Resource
      • Authorization Server => The server issuing access tokens to the client

  • OAuth Flows:

  • Refer Here for the different flows and their difficulty in implementation

Authorization Code Flow


Implicit Flow

  • In the above image, in step 5 the AUTH TOKEN is sent, but in the implicit flow the ACCESS TOKEN is returned directly, which will be used by the client to access the protected resource.
  • This access token has to be short lived.

Client Credentials Flow

  • This is used when your clients are well trusted.
  • In microservices, each service is a confidential client and is well trusted. Refer Here
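
The client credentials exchange between two of our services, as an added example (not code from the class or from any identity product): the basket service authenticates as a confidential client, receives a short-lived access token, and the catalog service checks it before serving a protected resource. The client id, secret, scope names and the HMAC-signed token format are constructed for illustration; a real identity service would normally issue signed JWTs and the resource server would verify them with the issuer's public key instead of a shared key.

```python
import base64, hashlib, hmac, json, secrets, time

SIGNING_KEY = secrets.token_bytes(32)  # shared key, a simplification for this sketch
# Registered confidential clients: id -> (SHA-256 of secret, allowed scopes). Constructed values.
CLIENTS = {"basket-service": (hashlib.sha256(b"basket-demo-secret").hexdigest(), {"catalog.read"})}

def _b64(data):
    return base64.urlsafe_b64encode(data).decode()

def _sign(body):
    return _b64(hmac.new(SIGNING_KEY, body.encode(), hashlib.sha256).digest())

def token_endpoint(form, now=None):
    """Authorization server: handle grant_type=client_credentials (RFC 6749, section 4.4)."""
    now = time.time() if now is None else now
    if form.get("grant_type") != "client_credentials":
        return {"error": "unsupported_grant_type"}
    secret_hash, allowed = CLIENTS.get(form.get("client_id", ""), ("", set()))
    presented = hashlib.sha256(form.get("client_secret", "").encode()).hexdigest()
    # Constant-time comparison; unknown clients and bad secrets get the same error.
    if not secret_hash or not hmac.compare_digest(secret_hash, presented):
        return {"error": "invalid_client"}
    scopes = set(form.get("scope", "").split())
    if not scopes or not scopes <= allowed:  # a client only gets scopes it is registered for
        return {"error": "invalid_scope"}
    claims = {"sub": form["client_id"], "scope": sorted(scopes), "exp": now + 300}
    body = _b64(json.dumps(claims).encode())
    return {"access_token": f"{body}.{_sign(body)}", "token_type": "Bearer", "expires_in": 300}

def resource_server_check(token, required_scope, now=None):
    """Resource server (catalog service): verify signature first, then expiry and scope."""
    now = time.time() if now is None else now
    body, _, sig = token.partition(".")
    if not hmac.compare_digest(_sign(body).encode(), sig.encode()):
        return False
    claims = json.loads(base64.urlsafe_b64decode(body))
    return claims["exp"] > now and required_scope in claims["scope"]
```

There is no resource owner or browser redirect in this flow: the client's own credentials are the only thing standing between a caller and a token, so each service gets its own secret and only the scopes it needs.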

Open ID Connect (OIDC)
