How to create Plugins for Platform Modules?

1 Development of a token enhancer for Identity Manager
- 1.1 Maven project creation
- 1.2 Developing functionality
- 1.3 Generate the JAR
  - 1.3.1 Lightweight JAR
  - 1.3.2 FAT JAR
- 1.4 Indicate the URI of the plugin(s) to the OAuth Server module
- 1.5 JWT token generation test
- 1.6 Resources

In this guide we are going to explain how to develop plugins that a platform module can use, with a concrete example.

This functionality is only available in the Enterprise version of the Platform, starting with version 1.6.2-empire.

Development of a token enhancer for Identity Manager

Say you want to customize the way in which the JWT token provided by the Platform Identity Manager (oauth-server) is constructed.

Maven project creation

To do this, create a new Maven project on which you will develop the proposed functionality.

For the plugin to be 100% compatible with platform modules, it is necessary to use Spring Boot version 1.5.9.RELEASE, and Java version 1.8.

Developing functionality

First you must develop your TokenEnhancer. You are simply going to add a property to the JWT token:

For the Authorization server to use this enhancer, you have to make a configuration class that extends AuthorizationServerConfigurerAdapter. In this class, override the method that configures the server endpoints.

In that method, add your PluginTokenEnhancer to the existing enhancement chain:

This way, your enhancer will be applied at the end of the chain, before returning the JWT token.

Generate the JAR

Lightweight JAR

As long as you do NOT use external libraries that spring-boot brings, you must use this method.

In order to use the plugin, you have to package the maven project in a JAR, either with a mvn clean install or with mvn clean package.

Once the JAR is generated, you must upload it to a server accessible from the Internet, or at least from the machine where the platform is installed.

This can be from a nexus, where you will copy the link to the jar:

https://nexus.onesaitplatform.com/nexus/service/local/repositories/releases/content/com/minsait/onesait/platform/onesaitplatform-base-plugin/1.0.0/onesaitplatform-base-plugin-1.0.0.jar

To the platform's own binary repository:

Notice that the JAR must be public regardless of the source, since the platform module has to have access without any type of authentication.

https://development.onesaitplatform.com/controlpanel/files/5e71fb0e7ec58a000bf6f966

FAT JAR

Whenever you DO use external libraries that spring-boot brings, you must use this method.

The process will be similar to the previous one, but you will have to add a maven plugin to the pom.xml:

<build>
	<plugins>
		<plugin>
			<artifactId>maven-assembly-plugin</artifactId>
			<configuration>
				<descriptorRefs>
					<descriptorRef>jar-with-dependencies</descriptorRef>
				</descriptorRefs>
			</configuration>
			<executions>
				<execution>
					<id>make-assembly</id> 
					<phase>package</phase> 
					<goals>
						<goal>single</goal>
					</goals>
				</execution>
			</executions>
		</plugin>
	</plugins>
</build>

To generate the plugin, you will use the mvn package command.

Bear in mind that this will generate a JAR with all the dependencies, and therefore will considerably increase the size of the plugin.

Indicate the URI of the plugin(s) to the OAuth Server module

We must indicate the URI of the plugin or plugins in the PLUGIN_URI environment variable. If it is the latter case, you must separate the URIs by ';'

In this way, the OAuth Server, when started, will search for the plugins and load them:

JWT token generation test

Now generate the JWT token with the plugin loaded, to verify that the functionality added to the OAuth enhancement chain is being used: