Perform Lookups with OAuth 2.0 Authentication

TIBCO Enterprise Message Service client programs can perform JNDI lookups using OAuth 2.0 authentication. To accomplish this, the client program must set OAuth 2.0 properties in the environment when the InitialContext is created. The OAuth 2.0 properties are similar to the fault-tolerance OAuth 2.0 properties for the TIBCO Enterprise Message Service server.

See Authentication Using OAuth 2.0 for more information about using OAuth 2.0 in the TIBCO Enterprise Message Service server.

The following examples illustrate how to create an InitialContext that can be used to perform JNDI lookups using OAuth 2.0.

• Java

  In this example, the OAuth 2.0 authorization server is located at https://my-oauth2-server.example.com/token and is secured with HTTPS with a root CA located at certs/oauth2_server_rootCA.cert.pem. Authentication is using the Client Credentials Grant with OAuth 2.0 client ID example-client and OAuth 2.0 client secret example-secret.

  Hashtable env = new Hashtable();
  env.put(Context.INITIAL_CONTEXT_FACTORY,    "com.tibco.tibjms.naming.TibjmsInitialContextFactory");
  env.put(Context.PROVIDER_URL, "tibjmsnaming://localhost:7222”);
  env.put(Context.OAUTH2_SERVER_URL, "https://my-oauth2-server.example.com/token");
  env.put(Context.OAUTH2_CLIENT_ID, "example-client");
  env.put(Context.OAUTH2_CLIENT_SECRET, "example-secret");
  env.put(Context.OAUTH2_SERVER_TRUST_FILE, "certs/oauth2_server_rootCA.cert.pem");
  Context context = new InitialContext(env);
  

• C

  Create a tibemsOAuth2Params object and set the OAuth 2.0 parameters there. Use the tibemsLookupContext_CreateOAuth2 function to create a tibemsLookupContext object that uses a connection authenticated via OAuth 2.0 for the initial context.

  tibemsLookupContext*     context      = NULL;
  tibemsConnection_Factory factory      = NULL;
  tibemsOAuth2Params       oauth2Params = NULL;
  tibems_status            status       = TIBEMS_OK;
  oauth2Params = tibemsOAuth2Params_Create();
  status = tibemsOAuth2Params_SetServerURL(
  				oauth2Params,
  				"https://my-oauth2-server.example.com/token");
  status = tibemsOAuth2Params_SetClientID(
  				oauth2Params,
  				"example-client");
  status = tibemsOAuth2Params_SetClientSecret(
  				oauth2Params,
  				"example-secret");
  status = tibemsOAuth2Params_SetServerTrustFile(
  				oauth2Params,
  				"certs/oauth2_server_rootCA.cert.pem");
  status = tibemsLookupContext_CreateOAuth2(
                    		&context,
                     		"tcp://localhost:7222",
  				oauth2Params,
                    		NULL, NULL, NULL, NULL);
  

• C#

  Create a ILookupContext object for the initial context, which consists of the JNDI provider URL and OAuth 2.0 parameters to authenticate the client to the EMS server.

  Hashtable env = new Hashtable();
  env.Add(LookupContext.PROVIDER_URL, "tibjmsnaming://localhost:7222");
  env.Add(LookupContext.OAUTH2_SERVER_URL, "https://my-oauth2-server.example.com/token");
  env.Add(LookupContext.OAUTH2_CLIENT_ID, "example-client");
  env.Add(LookupContext.OAUTH2_CLIENT_SECRET, "example-secret");
  LookupContextFactory lcf = new LookupContextFactory();
  ILookupContext searcher = lcf.CreateContext(LookupContextFactory.TIBJMS_NAMING_CONTEXT, env);