Build a Secure GraphQL API With MicroProfile

Build a Secure GraphQL API With MicroProfile

Learn how to use GraphQL and Okta to make a secure API. We'll add microservices architectures to them with MicroProfile for a more scalable app.

Learn how to use GraphQL and Okta to make a secure API. We'll add microservices architectures to them with MicroProfile for a more scalable app.

MicroProfile is an open-source community project with the goal to encourage the development of Java microservice solutions. It was created in 2016 in response to the changing needs of modern web development. In particular, it seeks to foster the development of smaller, less monolithic services (microservices) that can run on faster release cycles than the typical, old-school Enterprise Java application. Shortly after its creation, it joined the Eclipse foundation.

MicroProfile, in essence, is a set of specifications and standards agreed upon by a community of developers that allows for “write once, run anywhere” in the Java microservice ecosystem. There are currently around nine compliant runtimes for MicroProfile, including Apache TomEE, Quarkus, and Open Liberty. A program written for one can be seamlessly run on another. The community also serves as an incubator for new ideas within Enterprise Java and microservice architectures.

In this tutorial, the runtime you are going to use is Open Liberty. Open Liberty is an implementation of the MicroProfile specification. Open Liberty bills itself as “a lightweight open framework for building fast and efficient cloud-native Java microservices.” It’s easily customizable, fast to start, and has a low footprint.

Why Use GraphQL Instead of REST?

The application you’re going to write is a surf report generator. Why? Because people seem to like weather apps for their example apps, and I thought a surf report generator was more fun. The surf reports, unfortunately, will just be randomly generated. However, you’ll use GraphQL to query and return data instead of a traditional REST API.

With a REST API, a typical transaction cycle might include numerous API requests. The client app may have to, at a minimum, make a different call for each type of resource required, and often, lots of data is returned that is not used by the client. This results in a lot of inefficient communication. Facebook created GraphQL to address this.

GraphQL allows a client to ask the server for exactly the data it needs in a single request. The client can group multiple request types in a single request and specify exactly which properties on the requested data structures it wants to be included in the response. This results in much more efficient communications between client and server, allowing, for example, mobile apps to work well even on slow connections.

The app will be secured using OAuth 2.0 and OpenID Connect using Okta as the provider. MicroProfile provides a JSON Web Token (JWT) authentication and authorization specification that Open Liberty implements. You’ll use this to add role-based authorization to your surf report.

Prerequisites:

Before you get started, you’ll need to have a few things installed.

  • Java 11: This tutorial uses Java 11. SDKMAN is an excellent option for installing and managing Java versions.
  • Maven: The MicroProfile starter uses Maven, a dependency management utility. It can be installed according to the instructions on their website. You could also use SDKMAN or Homebrew.
  • Okta Developer Account: You’ll be using Okta as an OAuth/OIDC provider to add JWT authentication and authorization to the application. You can go to our developer site and sign up for a free developer account.
  • HTTPie: This is a powerful command-line HTTP request utility that you’ll use to test your MicroProfile app. Install it according to the docs on their site.

java api microservices graphql microprofile

What is Geek Coin

What is GeekCash, Geek Token

Best Visual Studio Code Themes of 2021

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

How to Validate an Email Address in Java

How to Validate an Email Address in Java. Perform validation of an email address: check for syntactic correctness, identify the mail server, contact the server to validate an account without sending any emails.

How to Convert ODT Files to PDF in Java

How to Convert ODT Files to PDF in Java. The goal of this tutorial is to provide a simple means for instantly converting your ODT files without needing to find or download any extraneous programming.

Combine GraphQL With Java to Build a Flexible and Modern API

Learn how to combine GraphQL and Java to build a REST API without worrying about under-fetching or over-fetching data. This article explains how to consume GraphQL services using Quarkus applications.

How to Create a Barcode Image in Java

The following five APIs will allow you to create barcode images in the three previously mentioned formats. In this tutorial, we'll learn How to Create a Barcode Image in Java.

Build a Secure GraphQL API with MicroProfile

Use MicroProfile to create a GraphQL API with Java and secure it with OAuth 2.0. MicroProfile is an open-source community project with the goal to encourage the development of Java microservice solutions. Open Liberty is an implementation of the MicroProfile specification. Open Liberty bills itself as “a lightweight open framework for building fast and efficient cloud-native Java microservices.” It’s easily customizable, fast to start, and has a low footprint.