LIGHT

  • News
  • Docs
  • Community
  • Reddit
  • GitHub
Star

Service Registration

OAuth2 is used to protect services, and each service must register itself with endpoints and scopes to have fine-grained access control. The OAuth 2.0 specification only mentioned client registration with scopes along with it. For a simple application or single monolithic web service, it is OK. However, if we have hundreds of services with thousands of scopes, the scope management will be a nightmare.

It is easier for consumers and providers to use endpoints in discussion than meaningless scopes. To do that, we introduced service registration and service endpoint registration. Based on the endpoint access between client and service, we can calculate the client’s scope during the token creation.

This microservice provides endpoints for adding a new service, updating an existing service, removing an existing service and query service(s).

It also allows you to optionally register service endpoints with scopes to help with client registration and scope calculation.

In this tutorial, we are using the curl command to demo how these services are working. In reality, these endpoints are accessed from light-portal UI.

To add a new service.

curl -k -H "Content-Type: application/json" -X POST -d '{"host":"lightapi.net","serviceId":"AACT0003","serviceType":"openapi","serviceName":"Retail Account","serviceDesc":"Microservices for Retail Account","scope":"act.r act.w","ownerId":"admin"}' https://localhost:6883/oauth2/service

To query all services.

curl -k https://localhost:6883/oauth2/service?page=0

And here is the result.

[{"host":"lightapi.net","serviceType":"openapi","serviceDesc":"A microservice that serves account information","scope":"a.r b.r","serviceId":"AACT0001","serviceName":"Account Service","ownerId":"admin","updateDt":null,"createDt":"2016-12-31"},{"serviceType":"ms","serviceDesc":"Microservices for Retail Account","scope":"act.r act.w","serviceId":"AACT0003","serviceName":"Retail Account","ownerId":"admin","updateDt":null,"createDt":"2016-12-31"}]

To query a service with service id.

curl -k https://localhost:6883/oauth2/service/AACT0003

And here is the result.

{"serviceType":"openapi","serviceDesc":"Microservices for Retail Account","scope":"act.r act.w","serviceId":"AACT0003","serviceName":"Retail Account","ownerId":"admin"}

To update above service type to “api”.

curl -k -H "Content-Type: application/json" -X PUT -d '{"host":"lightapi.net","serviceType":"swagger","serviceDesc":"Microservices for Retail Account","scope":"act.r act.w","serviceId":"AACT0003","serviceName":"Retail Account","ownerId":"admin"}' https://localhost:6883/oauth2/service

To delete above service with service id.

curl -k -X DELETE https://localhost:6883/oauth2/service/AACT0003

To add several endpoints along with scopes to a service.

curl -k -H "Content-Type: application/json" -X POST -d '[{"endpoint":"/v1/[email protected]","operation":"createData","scope":"data.w"},{"endpoint":"/v1/[email protected]","operation":"updateData","scope":"data.w"},{"endpoint":"/v1/[email protected]","operation":"retrieveData","scope":"data.r"},{"endpoint":"/v1/[email protected]","operation":"deleteData","scope":"data.w"}]' https://localhost:6883/oauth2/service/AACT0001/endpoint

There is no response body for this request but you will receive 200 response code.

To query the endpoints linked to the service.

curl -k https://localhost:6883/oauth2/service/AACT0001/endpoint

The return value should be.

[{"factoryId":5,"id":5,"operation":"createData","endpoint":"/v1/[email protected]","scope":"data.w"},{"factoryId":5,"id":5,"operation":"updateData","endpoint":"/v1/[email protected]","scope":"data.w"},{"factoryId":5,"id":5,"operation":"retrieveData","endpoint":"/v1/[email protected]","scope":"data.r"},{"factoryId":5,"id":5,"operation":"deleteData","endpoint":"/v1/[email protected]","scope":"data.w"}]

Now let’s delete the endpoints for the service.

curl -k -X DELETE https://localhost:6883/oauth2/service/AACT0001/endpoint

You should have received 200 response code. To verify if these endpoints were deleted. You can issue the same query command again. You should have the following error.

{"statusCode":404,"code":"ERR12042","message":"SERVICE_ENDPOINT_NOT_FOUND","description":"Service endpoint not found for serviceId AACT0001"}
  • About Light
    • Overview
    • Testimonials
    • What is Light
    • Features
    • Principles
    • Benefits
    • Roadmap
    • Community
    • Articles
    • Videos
    • License
    • Why Light Platform
  • Getting Started
    • Get Started Overview
    • Environment
    • Light Codegen Tool
    • Light Rest 4j
    • Light Tram 4j
    • Light Graphql 4j
    • Light Hybrid 4j
    • Light Eventuate 4j
    • Light Oauth2
    • Light Portal Service
    • Light Proxy Server
    • Light Router Server
    • Light Config Server
    • Light Saga 4j
    • Light Session 4j
    • Webserver
    • Websocket
    • Spring Boot Servlet
  • Architecture
    • Architecture Overview
    • API Category
    • API Gateway
    • Architecture Patterns
    • CQRS
    • Eco System
    • Event Sourcing
    • Fail Fast vs Fail Slow
    • Integration Patterns
    • JavaEE declining
    • Key Distribution
    • Microservices Architecture
    • Microservices Monitoring
    • Microservices Security
    • Microservices Traceability
    • Modular Monolith
    • Platform Ecosystem
    • Plugin Architecture
    • Scalability and Performance
    • Serverless
    • Service Collaboration
    • Service Mesh
    • SOA
    • Spring is bloated
    • Stages of API Adoption
    • Transaction Management
    • Microservices Cross-cutting Concerns Options
    • Service Mesh Plus
    • Service Discovery
  • Design
    • Design Overview
    • Design First vs Code First
    • Desgin Pattern
    • Service Evolution
    • Consumer Contract and Consumer Driven Contract
    • Handling Partial Failure
    • Idempotency
    • Server Life Cycle
    • Environment Segregation
    • Database
    • Decomposition Patterns
    • Http2
    • Test Driven
    • Multi-Tenancy
    • Why check token expiration
    • WebServices to Microservices
  • Cross-Cutting Concerns
    • Concerns Overview
  • API Styles
    • Light-4j for absolute performance
    • Style Overview
    • Distributed session on IMDG
    • Hybrid Serverless Modularized Monolithic
    • Kafka - Event Sourcing and CQRS
    • REST - Representational state transfer
    • Web Server with Light
    • Websocket with Light
    • Spring Boot Integration
    • Single Page Application
    • GraphQL - A query language for your API
    • Light IBM MQ
    • Light AWS Lambda
    • Chaos Monkey
  • Infrastructure Services
    • Service Overview
    • Light Proxy
    • Light Mesh
    • Light Router
    • Light Portal
    • Messaging Infrastructure
    • Centralized Logging
    • COVID-19
    • Light OAuth2
    • Metrics and Alerts
    • Config Server
    • Tokenization
    • Light Controller
  • Tool Chain
    • Tool Chain Overview
  • Utility Library
  • Service Consumer
    • Service Consumer
  • Development
    • Development Overview
  • Deployment
    • Deployment Overview
    • Frontend Backend
    • Linux Service
    • Windows Service
    • Install Eventuate on Windows
    • Secure API
    • Client vs light-router
    • Memory Limit
    • Deploy to Kubernetes
  • Benchmark
    • Benchmark Overview
  • Tutorial
    • Tutorial Overview
  • Troubleshooting
    • Troubleshoot
  • FAQ
    • FAQ Overview
  • Milestones
  • Contribute
    • Contribute to Light
    • Development
    • Documentation
    • Example
    • Tutorial
“Service Registration” was last updated: July 5, 2021: fixes #275 checked and corrected grammar/spelling for majority of pages (#276) (b3bbb7b)
Improve this page
  • News
  • Docs
  • Community
  • Reddit
  • GitHub
  • About Light
  • Getting Started
  • Architecture
  • Design
  • Cross-Cutting Concerns
  • API Styles
  • Infrastructure Services
  • Tool Chain
  • Utility Library
  • Service Consumer
  • Development
  • Deployment
  • Benchmark
  • Tutorial
  • Troubleshooting
  • FAQ
  • Milestones
  • Contribute