This repo supports our (Mich-b and me) summer 2018 workshop on REST API access control. It illustrates 3 different API access control strategies on a React client:
- API keys
- OAuth 2.0 Resource Owner Password Credentials grant
- OpenID Connect Implicit Flow
There is a separate branch for each. There is also a branch that starts from the bare bones OpenID Connect Implicit Flow implementation and adds silent authentication. Silent authentication avoids the need for user interaction with the authorization server when new security tokens are needed.
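
The silent authentication described above is commonly done by repeating the implicit-flow authorization request in a hidden iframe with `prompt=none`, so the authorization server either answers from the existing session or returns an error. The sketch below is an added example, not code from this repo or its branches; the endpoint, client id, redirect URI and all function names are hypothetical.

```javascript
// Added example: silent token renewal for the OpenID Connect implicit flow.
// Endpoint, client_id and redirect_uri passed in `cfg` are constructed placeholders.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto; // fallback for older Node

// Unguessable value for `state` (CSRF binding) and `nonce` (ID token replay binding).
function randomToken() {
  const bytes = webcrypto.getRandomValues(new Uint8Array(16));
  return Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');
}

// Same authorization request as the interactive flow, plus prompt=none:
// the server must answer from the existing session or return an error.
function buildSilentAuthUrl(cfg, state, nonce) {
  const url = new URL(cfg.authorizationEndpoint);
  url.search = new URLSearchParams({
    response_type: 'id_token token',
    client_id: cfg.clientId,
    redirect_uri: cfg.redirectUri,
    scope: cfg.scope,
    state,
    nonce,
    prompt: 'none',
  }).toString();
  return url.toString();
}

// Read the nonce claim from the ID token payload. Signature, iss, aud and exp
// must also be validated before the token is trusted; that is out of scope here.
function nonceOf(idToken) {
  const payload = idToken.split('.')[1].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(atob(payload)).nonce;
}

// Handle the URL fragment the hidden iframe was redirected to.
function parseSilentAuthResponse(fragment, expected) {
  const p = new URLSearchParams(fragment.replace(/^#/, ''));
  if (p.get('state') !== expected.state) throw new Error('state mismatch');
  if (p.has('error')) {
    // login_required, consent_required, interaction_required: no usable session,
    // so fall back to a full-page interactive login.
    return { ok: false, error: p.get('error'), needsInteractiveLogin: true };
  }
  if (nonceOf(p.get('id_token')) !== expected.nonce) throw new Error('nonce mismatch');
  return { ok: true, accessToken: p.get('access_token'), expiresIn: Number(p.get('expires_in')) };
}
```
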
Currently you are on the master branch. The master branch should be a good starting point to try to develop these strategies yourself. If you get stuck, you can refer to the feature branch that implements the strategy you are trying to learn.
Detailed instructions for the workshops are available online.
The project was bootstrapped with Create React App and can be extended as such.
```
git clone git@github.com:JohanPeeters/react-rest-client.git
cd react-rest-client
npm install
```
Prerequisites:
- Node.js
- git
`npm start` in the local repo runs the app in development mode. It can be viewed in the browser at http://localhost:3000.