book

Getting Started with Mule Cloud Connect

by Ryan Carter

December 2012

Beginner

138 pages

2h 57m

English

O'Reilly Media, Inc.

Read now

Unlock full access

From Messaging to ConnectivityConventions Used in This BookUsing Code ExamplesSafari® Books OnlineHow to Contact UsContent UpdatesAcknowledgments
Cloud Connectors versus the REST of the WorldTransport-Specific ClientsLanguage-Specific ClientsService-Specific Client LibrariesCloud ConnectorsMule: A PrimerMule ConfigurationFlowsMessage SourcesMessage ProcessorsVariables and ExpressionsMessage propertiesAdditional variablesStoring variable dataSetting propertiesSetting variablesEnrichmentFunctionsRoutingSummary
Installing Cloud ConnectorsMavenUpdate SitesManual InstallationNamespace and Schema DeclarationsGlobal ConfigurationMultiple Connector ConfigurationsConnector OperationsSimple ArgumentsCollections and Structured ArgumentsComplex typesPassing by referenceExpression EvaluationParsing the ResponseSummary
Configuring OAuth ConnectorsDeveloper and Application RegistrationConfiguring the Consumer Key and Consumer SecretAuthorizing the ConnectorRedirecting for AuthorizationAdditional Authorization Parametersstate parameterCustom parametersAccessing Protected OperationsCustomizing the CallbackCustomizing the Callback URLSecuring the CallbackSaving and Restoring OAuth StateAutomatic State ManagementIdentifying the userOverriding the default object storeManual State ManagementUnauthorizing the ConnectorTwo-Legged OAuth and Other VariationsDeveloper and Application RegistrationConfiguring the Access TokensAuthorizing the ConnectorSummary
Configuring Connection ManagementPooling ConnectionsConnection ParametersFine-Tuning the PoolReconnection StrategiesStandard Reconnection StrategyReconnect Forever StrategyCustom Reconnection StrategySummary
Polling ConnectorsA Polling OperationParsing the ResponseSplitting things upFiltering unique resultsStreaming APIsConfiguring Streaming ConnectorsConsuming the StreamParsing the StreamWebHooksConfiguring WebHooksParsing the CallbackCustomizing the CallbackCustomizing the callback URLSecuring the callbackSummary
Creating Your First Cloud ConnectorSetting Up Your Development EnvironmentGenerating the SkeletonConnector AnnotationsConnectors@ConnectorConnector Configuration@Configurable@Optional@DefaultConnector Operations@Processor@SourceConnection Management@Connect@Disconnect@ValidateConnection@ConnectionIdentifier@InvalidateConnectionOnInteracting with API@RestCall@RestQueryParam@RestUriParamDocumenting Your ConnectorConnectorsConfigurable FieldsMessage ProcessorsSample XMLGenerating the DocumentationBuilding Your ConnectorPackaging Your ConnectorInstalling Your ConnectorPublishing Your ConnectorGoing Further

Content preview from Getting Started with Mule Cloud Connect

Chapter 3. OAuth Connectivity

On the Web, authentication is vital. Particularly with Open APIs, applications are relying more and more on resources that are spread all across the Web. Very few service providers offer APIs without some form of security or authorization. Some service providers just want to identify the consuming application via an API key, while others that deal with more sensitive user information have finer-grained authorization mechanisms such as OAuth.

To put OAuth into context, consider the following scenarios:

An online photo lab printing your Flickr photos
A social network using your Google address book to look for friends
A fitness app that posts your progress to Twitter

It’s great to utilize all these resources, but in order for these applications to access user data on other sites, they ask for usernames and passwords. Not only does this require exposing a user’s password to some random application on the Web, but also provides these applications unlimited access to do as they wish.

So how do you allow a third-party application access to your account without disclosing your credentials? How can you grant partial access to your account, such as allowing an application to read your updates but not post any on your behalf? What if this third party application turns out to be malicious in some way? You need a way to revoke access at any time. These sort of situations are where OAuth comes in. OAuth provides a method for users to grant third-party access to their ...