Slides of flashtalk given at Xplore Group on the 4th of May 2017. It covers Fabric8, Neo4j, GraphQL and OpenID Connect. Demo applications can be found at: https://github.com/XT-i/flashtalk-demo-neo4j-graphql-openid-connect

1. Flashtalk

2. “fabric8 is an opinionated open source Microservices Platform based
on Docker, Kubernetes and Jenkins”

3. Getting started
• Local installation
• Use VirtualBox instead of Hyper-V as the VM driver
• Uses Minikube to set up a local Kubernetes cluster in a virtual machine
• Default services
• Fabric8 console
• Jenkins
• Gogs
• Nexus

4. Fabric8 Console
• Namespaces
• Teams
• Start/stop services and pods
• Create applications

5. Demo

6. Conclusions
• Lots of bugs in fabric8 console
• Deployment is not transparent
• Documentation is lacking depth
• Not production-ready

7. Resources
• http://fabric8.io
• https://kubernetes.io
• https://www.docker.com

8. Neo4j is a highly scalable, native graph database purpose-
built to leverage not only data but also its relationships.

9. Concepts
• Nodes
• Relationships
• Properties
• Node Labels
source: neo4j.com

10. Graph Traversal
• https://neo4j.com/docs/java-reference/current/#tutorial-traversal

11. Conclusions
• Easy to get started due to Community Edition
• Good documentation
• Cypher is a very readable and easy-to-learn query language

12. Resources
• https://neo4j.com/developer/guide-data-modeling/
• https://neo4j.com/blog/why-database-query-language-matters/
• https://zeroturnaround.com/rebellabs/examples-where-graph-
databases-shine-neo4j-edition/
• https://neo4j.com/docs/api/java-driver/1.2/

13. GraphQL
GraphQL is a query language for your API, and a server-side
runtime for executing queries by using a type system you
define for your data. GraphQL isn't tied to any specific
database or storage engine and is instead backed by your
existing code and data.

14. Concepts
• Root query object
• Types
• Fields
• Arguments
• Directives
• @Include
• @Skip
• Fragments
• Query Variables
• Operation name
• Interfaces
• Unions
• Enums
• Combine multiple
queries

15. Advanced
• Recursive types
• Paging
• GZIP encoding

16. GraphQL Spring Boot
• Use annotations to define your schema
• Didn’t add much value

17. Relay
• https://facebook.github.io/relay/

18. Resources
• http://graphql.org/learn/
• https://github.com/graphql-java/graphql-java
• https://github.com/graphql-java/graphql-java-servlet
• https://github.com/chentsulin/awesome-graphql

19. OpenID Connect is a simple identity layer on top of the OAuth 2.0
protocol, which allows computing clients to verify the identity of an
end-user based on the authentication performed by an authorization
server, as well as to obtain basic profile information about the end-
user in an interoperable and REST-like manner.
-- Wikipedia --

20. OpenID Connect
• Specification
• Not the same as OpenID 2.0
• API-friendly
• Uses JWT (JSON Web Tokens)

21. OAuth 2.0
source: tutorials.jenkov.com

22. OpenID Terminology
• Relying Party (RP) = Client
• Identity Provider (IdP) or OpenID Provider (OP) = Authorization Server
• Access Token: OAuth2 token providing a client access to one or more
resources on the Resource Server
• ID Token: Used by OpenID (usually a signed JWT token), contains user
information or Claims
• Scope: The information that will be exposed to the Client. In OpenID
this migth reflect as a set of Claims

23. ID Token
• Identity of the user (subject)
• The Identity Provider (iss)
• Audience or Client (aud)
• An optional nonce (nonce)
• Optional authentication time (auth_time)
• Optional strength of authentication (acr)
• Issue date (iat)
• Expiration date (exp)
• Optional additional claims
or user info
• Is signed
• Can be encrypted
• Encoded using Base64 for
use in URLs, ...

24. OpenID Flows
• Flow = Grant Type
• Authorization Code
• Implicit

25. Authorization Code Flow
source: https://www.slideshare.net/matake/technight11

26. Implicit Flow
source: https://support.oneidentity.com

27. Endpoints
• Authorization endpoint
• Authentication of Resource Owner (user)
• Grants the Client access to the ID token
• Token endpoint
• Provides the Client with the ID token after the client id, secret and
authorization code have been verified
• Authorization Code != access token (it is temporary)
• User Info endpoint
• Returns the UserInfo associated with an access token (possibly as JWT token)

28. Setting up an Identity Provider
• Google
• Connect2Id:
• https://connect2id.com/products/server/docs/quick-start
• https://connect2id.com/products/server/docs/config/core
• Enable open client registration for testing
• Allow non-SSL redirectUrls for testing on localhost
• https://connect2id.com/products/server/docs/guides/client-registration

29. Demo

30. Not covered
• JSON Identity Suite

31. Resources
• https://www.digitalocean.com/community/tutorials/an-introduction-
to-oauth-2
• https://connect2id.com/learn/openid-connect
• https://youtu.be/BdKmZ7mPNns
• https://www.youtube.com/watch?v=XGmUlyggXVo
• https://www.slideshare.net/2botech/the-jsonbased-identity-
protocol-suite

32. Thanks!