Skip to content

Simple Web Client

So far the uaa CLI has been the only UAA client we have encountered. In this section we will start writing a bespoke UAA client that is a web application.

To write a web application in a book is to be forced to pick a programming language/web framework which some readers will not be familiar. But in its own way perhaps that is ok - since in essence you might be best equiped if you re-write the example applications in a language/framework that suites you best.

To explore the UAA integration is fundamentally to explore OAuth2. Each of the authentication flows earlier discussed are all OAuth2 flows:

  • Authorization Code Flow (for apps with servers that can store persistent information).
  • Password Credentials (when previous flow can't be used or during development).
  • Client Credentials Flow (the client can request an access token using only its client credentials).

Self-signed certificates

The UAA service created with uaa-deployment up was published with a self-signed certificate with its own root certificate. Many OAuth2 client libraries do not yet support passing a custom certificate as an option, since they assume a publicly visible OAuth2 service such as Google, GitHub, or Facebook. You might need to patch these libraries.

Examples include: