Java – AWS API gateway AWS ECS oauth2 password grant

I am planning to build a user management java api and deploy it in wildfly The API specification will be completed using swagger

Then, I will create a docker image using wildfly application, and then create a container from this image on AWS ECS (EC2 container service)

The next step is to import the swagger specification of API into AWS API gateway and forward the request to the created AWS ECS container

My question What is the best choice for implementing oauth2 server:

>Create it in lambda function and use it as a custom authorization program in AWS API gateway? > Create it in a new Java application (on the same or new wildly container), so do not use the custom Licensor option of AWS API gateway? Is this possible because the request will be received from the AWS API gateway? I asked this because when trying to import the swagger specification using and oauth2 security implementation, the AWS API gateway will encounter the following errors:

Your API was not imported due to an error in the swagger file Unsupported security definition is' OAuth ', input' oauth2 ' Ignore

As a side note, since all future clients of the API will be developed by myself, I plan to use the resource owner password credentials on the oauth2 server

Solution

I assume that the 'oauth2 server' in your question means something that validates tokens You did not specify whether your application actually issued a token or what type of token was issued

The best choice may be subjective, but I always prefer to use a custom authorizer because it is a reusable component of other resources

In addition to importing the API gateway, swagger can manage the authorization in the application as needed. It is only the first problem to be handled when a new request is received. It only needs to ensure that the authorization header is mapped to the downstream in the API gateway