AWS API Gateway + AWS ECS + OAuth2 Password Grant

I plan to create a user management API and deploy it to Wildfly. The API specification will be implemented using Swagger.

Then I will create a Docker image with the Wildfly + application, and then create a container from this image in AWS ECS (EC2 Container Service).

The next step is to import the Swagger API specification into the AWS API Gateway and redirect requests to the newly created AWS ECS container.

My question is: what is the best option for implementing an OAuth2 server?

  • Create it in a Lambda function and use it as a Custom Authorizer in AWS API Gateway?
  • Create it in a new Java application (in the same or a new Wildfly container), and so not use the "AWS API Autorun" option? Is this possible, since requests will be received from the AWS API Gateway? I ask this because when trying to import the Swagger specification with the OAuth2 security implementation, the AWS API Gateway gives the following error:

    Your API has not been imported due to errors in the Swagger file. Unsupported type of security definition "oauth2" for "oauth". Not paying attention.

As a side note, since all future API clients will be developed by themselves, I plan to use the Resource Owner Password Credentials grant on my OAuth2 server.

+4

Source: https://habr.com/ru/post/1675997/
