Platform Explorer / Nuxeo Platform 2021.7

Component org.nuxeo.ecm.platform.oauth.keys.OAuthServerKeyManagerImpl

Documentation

Component and Service to manage Asymetric key pair (RSA) used in OAUth signing process

Resolution Order

416
The resolution order represents the order in which this component has been resolved by the Nuxeo Runtime framework.
You can influence this order by adding "require" tags in your component declaration, to make sure it is resolved after another component.

Start Order

823
The start order represents the order in which this component has been started by the Nuxeo Runtime framework.
This number is interesting to tweak if your Java component interacts with other components, and needs to be started before or after another one.
It can be changed by implementing the method "Component#getApplicationStartedOrder()" on your Java component: components are sorted according to this reference value, in increasing order.
The default value is 1000, and the repository initialization uses number 100. Negative values can also be used.

Implementation

Class: org.nuxeo.ecm.platform.oauth.keys.OAuthServerKeyManagerImpl

Services

Extension Points

XML Source

<?xml version="1.0"?>
<component name="org.nuxeo.ecm.platform.oauth.keys.OAuthServerKeyManagerImpl">
  <implementation
          class="org.nuxeo.ecm.platform.oauth.keys.OAuthServerKeyManagerImpl" />
  <documentation>
    Component and Service to manage Asymetric key pair (RSA) used in OAUth signing process

    @author Thierry Delprat (td@nuxeo.com)
  </documentation>

  <service>
        <provide interface="org.nuxeo.ecm.platform.oauth.keys.OAuthServerKeyManager" />
  </service>


 <extension-point name="serverKeyPair">

    <documentation>

      Extension allowing to contribute a RSA Key pair

      For instance :
      <code>

         <serverKeyPair>
            <privateKeyName>nuxeo</privateKeyName>
            <privateKey>-----BEGIN PRIVATE KEY-----YOUR_KEY_HERE-----END PRIVATE KEY-----</privateKey>
            <publicCertificate>-----BEGIN CERTIFICATE-----YOUR_KEY_HERE-----END CERTIFICATE-----</publicCertificate>
        </serverKeyPair>

      </code>

      You should contribute your own key pair for your Nuxeo server.
      You can use OpenSSL to generate this key pair :

      <code>
        openssl req -newkey rsa:1024 -days 365 -nodes -x509 -keyout testkey.pem -out testkey.pem -subj '/CN=mytestkey'
        openssl pkcs8 -in testkey.pem -out oauthkey.pem -topk8 -nocrypt -outform PEM
      </code>

    </documentation>

    <object class="org.nuxeo.ecm.platform.oauth.keys.ServerKeyDescriptor" />

  </extension-point>
</component>