{"id":28112904,"url":"https://github.com/zalando/tokens","last_synced_at":"2025-05-14T05:05:21.637Z","repository":{"id":32335272,"uuid":"35910675","full_name":"zalando/tokens","owner":"zalando","description":"Java library for conveniently verifying and storing OAuth 2.0 service access tokens","archived":true,"fork":false,"pushed_at":"2022-12-05T04:00:25.000Z","size":568,"stargazers_count":171,"open_issues_count":13,"forks_count":66,"subscribers_count":24,"default_branch":"master","last_synced_at":"2024-06-18T23:02:53.142Z","etag":null,"topics":["authentication","hacktoberfest","java","javadoc","jvm","oauth2","tokens"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/zalando.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null}},"created_at":"2015-05-19T21:55:46.000Z","updated_at":"2024-04-19T01:35:44.000Z","dependencies_parsed_at":"2023-01-14T20:59:39.041Z","dependency_job_id":null,"html_url":"https://github.com/zalando/tokens","commit_stats":null,"previous_names":["zalando-stups/tokens"],"tags_count":42,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zalando%2Ftokens","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zalando%2Ftokens/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zalando%2Ftokens/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zalando%2Ftokens/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/zalando","download_url":"https://codeload.github.com/zalando/tokens/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254076849,"owners_count":22010611,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","hacktoberfest","java","javadoc","jvm","oauth2","tokens"],"created_at":"2025-05-14T05:01:25.007Z","updated_at":"2025-05-14T05:05:21.624Z","avatar_url":"https://github.com/zalando.png","language":"Java","funding_links":[],"categories":["安全"],"sub_categories":[],"readme":"## Tokens\n\n**Tokens** is a Java library for verifying and storing OAuth 2.0 service access tokens. It is resilient, configurable, and production-tested, and works with all JVM languages.\n\n[![Build Status](https://travis-ci.org/zalando/tokens.svg?branch=master)](https://travis-ci.org/zalando/tokens)\n[![Javadocs](http://www.javadoc.io/badge/org.zalando.stups/tokens.svg)](http://www.javadoc.io/doc/org.zalando.stups/tokens)\n![Maven Central](https://img.shields.io/maven-central/v/org.zalando.stups/tokens.svg)\n[![Coverage Status](https://coveralls.io/repos/zalando-stups/tokens/badge.svg?branch=master)](https://coveralls.io/r/zalando-stups/tokens?branch=master)\n[![codecov.io](https://codecov.io/github/zalando/tokens/coverage.svg?branch=master)](https://codecov.io/github/zalando/tokens?branch=master)\n\n### Project Features and Functionality\n\nSome features Tokens offers:\n\n- Support for credential rotation, by reading them on-demand from the file system\n- Extensibility with a credentials provider\n- Configuration flexibility; specify multiple tokens with different scopes\n- Ability to inject fixed OAuth2 access tokens\n\nTokens can be useful to devs (at any company, large or small) who are working with highly-distributed microservices deployed in the cloud and need to authenticate the traffic generated when accessing APIs. For example, if your team wants to consume an API with OAuth2 credentials, Tokens will fetch the tokens for you. Then you just [add scopes](#Usage) in the token. \n\nWhen creating tokens, it's easy to make a lot of mistakes. Tokens aims to save you hassle and time.\n\n### Prerequisites\n\n- Java 11\n- Maven\n- Gradle\n\n#### Maven Dependency\n\nAdd it with:\n\n```xml\n\u003cdependency\u003e\n    \u003cgroupId\u003eorg.zalando.stups\u003c/groupId\u003e\n    \u003cartifactId\u003etokens\u003c/artifactId\u003e\n    \u003cversion\u003esee above\u003c/version\u003e\n\u003c/dependency\u003e\n```\n\n#### Gradle Dependency\n\n``compile('org.zalando.stups:tokens:${version}') ``\n\n### Usage in Zalando K8s environment (with `PlatformCredentialsSet`)\n\nIt uses `/meta/credentials` as a default folder to look for provided tokens by `PlatformCredentialsSet`.\n\n```java\nimport org.zalando.stups.tokens.Tokens;\nimport org.zalando.stups.tokens.AccessTokens;\n\nAccessTokens tokens = Tokens.createAccessTokensWithUri(new URI(\"https://this.url.will.be.ignored\"))\n                            .start();\n\nwhile (true) {\n    final String token = tokens.get(\"exampleRO\");\n\n    Request.Get(\"https://api.example.com\")\n           .addHeader(\"Authorization\", \"Bearer \" + token)\n           .execute():\n\n    Thread.sleep(1000);\n}\n```\n\nWant to migrate from STUPS to K8s? [See the hints](#migration-from-zalandos-stups-env-to-zalandos-k8s-env).\n\n### Usage in Zalandos STUPS environment\n\n```java\nimport org.zalando.stups.tokens.Tokens;\nimport org.zalando.stups.tokens.AccessTokens;\n\nAccessTokens tokens = Tokens.createAccessTokensWithUri(new URI(\"https://example.com/access_tokens\"))\n                            .manageToken(\"exampleRW\")\n                                .addScope(\"read\")\n                                .addScope(\"write\")\n                                .done()\n                            .manageToken(\"exampleRO\")\n                                .addScope(\"read\")\n                                .done()\n                            .start();\n\nwhile (true) {\n    final String token = tokens.get(\"exampleRO\");\n\n    Request.Get(\"https://api.example.com\")\n           .addHeader(\"Authorization\", \"Bearer \" + token)\n           .execute():\n\n    Thread.sleep(1000);\n}\n```\n\n### Migration from Zalandos STUPS env to Zalandos K8s env\n\nYour code can stay as is.\n\nA common issue is not mounting the credentials. Please use the example below as a guide line.\n\n```\n...\n          volumeMounts:\n          - name: \"{{ APPLICATION }}-credentials\"\n            mountPath: /meta/credentials\n            readOnly: true\n      volumes:\n        - name: \"{{ APPLICATION }}-credentials\"\n          secret:\n            secretName: \"{{ APPLICATION }}-credentials\"\n```\n\nPlease also make sure that token identifiers/names must equal the respective items in `credentials.yaml`::\n\n```\napiVersion: \"zalando.org/v1\"\nkind: PlatformCredentialsSet\nmetadata:\n   name: \"{{ APPLICATION }}-credentials\"\nspec:\n   application: \"{{ APPLICATION }}\"\n   tokens:\n     exampleRW:\n       privileges:\n         - com.zalando::read\n         - com.zalando::write\n     exampleRO:\n       privileges:\n         - com.zalando::read\n```\n\n### Local Testing\n\nWith Tokens, you can inject fixed OAuth2 access tokens via the `OAUTH2_ACCESS_TOKENS` environment variable and test applications locally with personal OAuth2 tokens. As an example:\n\n```bash\n$ MY_TOKEN_1=$(zign token -n mytok1)\n$ MY_TOKEN_2=$(zign token -n mytok2)\n$ export OAUTH2_ACCESS_TOKENS=mytok1=$MY_TOKEN_1,mytok2=$MY_TOKEN_2\n$ lein repl # start my local Clojure app using the tokens library\n```\n\nIn production on EC2 instances, Tokens fetches access tokens by requesting an authorization server with credentials, found in `client.json` and `user.json`. It's also possible to provide `client.json` and `user.json` with valid content and point this library to that directory.\n\n### Contributing\n\nThis project welcomes contributions, including bug fixes and documentation enhancements. To contribute, please use the Issues Tracker to let us know what you would like to do. We'll respond, and go from there.\n\n### License\n\nCopyright © 2015 Zalando SE\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n   [http://www.apache.org/licenses/LICENSE-2.0](http://www.apache.org/licenses/LICENSE-2.0)\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzalando%2Ftokens","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fzalando%2Ftokens","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzalando%2Ftokens/lists"}