Book Image

RESTful Java Web Services - Third Edition

By : Balachandar Bogunuva Mohanram, Jobinesh Purushothaman
Book Image

RESTful Java Web Services - Third Edition

By: Balachandar Bogunuva Mohanram, Jobinesh Purushothaman

Overview of this book

Representational State Transfer (REST) is a simple yet powerful software architecture style to create lightweight and scalable web services. The RESTful web services use HTTP as the transport protocol and can use any message formats, including XML, JSON(widely used), CSV, and many more, which makes it easily inter-operable across different languages and platforms. This successful book is currently in its 3rd edition and has been used by thousands of developers. It serves as an excellent guide for developing RESTful web services in Java. This book attempts to familiarize the reader with the concepts of REST. It is a pragmatic guide for designing and developing web services using Java APIs for real-life use cases following best practices and for learning to secure REST APIs using OAuth and JWT. Finally, you will learn the role of RESTful web services for future technological advances, be it cloud, IoT or social media. By the end of this book, you will be able to efficiently build robust, scalable, and secure RESTful web services using Java APIs.
Table of Contents (11 chapters)

Securing RESTful web services with OAuth

OAuth is an open standard for authorization, used by many enterprises and service providers to protect their resources. OAuth solves a different security problem from what HTTP basic authentication has been used for. The OAuth protocol allows client applications to access protected resources on behalf of the resource owner (typically, the application user).

If we look at the history of this protocol, OAuth version 1.0 was published as RFC 5849 in 2010. Later, the next evolution of OAuth, version 2.0, was published as RFC 6749 in 2012. Note that these two versions are different in their implementations and do not have many things in common. In this section, we will explore what the OAuth protocol and its details are. We will also discuss accessing OAuth-protected RESTful web APIs from a RESTful web service client.

...