Rest Services with Play Framework,

Adding Security with JWT

Seoul

Mercedes Wyss @itrjwyss

CommunityLeaderJDuchessChapterGuatemala,Devs+502

Ex-JUGMemberGuatemalaJavaUsersGroup(GuateJUG)

ChiefTechnologyOfficer(CTO)atProduactivityFullStackDeveloper,Front-endyBack-endwithJava,Mobile

DevelopmentAndroidandiOS

Auth0TechnologiesAmbassador

Agenda

• Play Framework • Web Services Restful • JSONs • JWT (Json Web Tokens)

Agenda

• Play Framework • Web Services Restful • JSONs • JWT (Json Web Tokens)

Play Framework

• Makes it easy to build web applications with Java and Scala.

• Is based on a lightweight, stateless, web-friendly architecture.

• Built on Akka, provides predictable and minimal resources consumption (CPU, memory, threads) for

highly-scalable applications.

Server:1CPU1GBRam

JavaorScala

IsReactive

MVCArchitecture

AppServer

SinceVersion2.6.x

FewerConfigurations

JRebelBehaviorMorecode,Lessdeploys

HowstartaPlayproject?WeneedtouseSBT

Createsbtnewplayframework/play-scala-seed.g8sbtnewplayframework/play-java-seed.g8

Deploysbtrun

$ sbt new playframework/play-java-seed.g8

This template generates a Play Java project

name [play-java-seed]: OracleCodeSeul organization [com.example]: com.produactivity scala_version [2.12.2]: play_version [2.6.1]:

Template applied in ./oraclecodeseul

$

$ cd oraclecodeseul/ Oraclecodeseul $ sbt run

Full Project Structure

Simple

Project Structure

Agenda

• PlayFramework• WebServicesRestful• JSONs• JWT(JsonWebTokens)

WebServices

• HyperTextTransferProtocol(HTTP)• Allowscommunicationbetweenaclientandaserver• Provideastandardmeansofinteroperatingbetweendifferent

softwareapps• Characterizedforinteroperabilityandextensibility• BasedonXML

Linda.com(June2017)https://www.lynda.com/Software-Development-tutorials/What-web-service/126131/145941-4.html

SOAP

• SimpleObjectAccessProtocol• XML-based• UseWSDLasspecificationdescription(WebServicesDescriptionLanguage)• Needtofollowacommunicationprotocol

Restful

• SoftwareArchitecturebasedonHTTPmethods(Get,Post,Put,Delete,etc)• TypicallyuseJSON,butcanuseXML,Text

MadhaiyanMuthu(June2017)https://www.slideshare.net/madhaiyanm/web-services-a-practical-approach

415bytes

415bytes

57bytes

Difference• Ifwearesendingaxml

of415bytes,wearesending358bytesmore

• Ifwearesendingajson of415bytes,wearesending358bytesless

• Thereis86%ofmoreorlessinformation

Agenda

• PlayFramework• WebServicesRestful• JSONs• JWT(JsonWebTokens)

JSON

• JavaScriptObjectNotation• Isalightweightdata-interchangeformat• Self-describing• Human-reading• IsaProtocol

JSONExample

JSONScheme

Agenda

• PlayFramework• WebServicesRestful• JSONs• JWT(JsonWebTokens)

JWT

Isanopenstandard(RFC7519)thatdefinesacompactandself-containedwayforsecurelytransmittinginformation

betweenpartiesasaJSONobject.

Auth0(June2017)https://cdn.auth0.com/content/jwt/jwt-diagram.png

JWTStructure

JWTStructure

JWTStructure

To End Let’s See the Magic Live

México