To support the very first zio-http-pac4j release, I also wrote an article:

🔐 https://seroperson.me/2025/09/03/zio-http-jwt-auth/

It shows in detail how to implement JWT-based authorization for zio-http and also covers features such as token expiration, encryption, roles and a custom payload.

#scala #zio #jwt #pac4j


I want to introduce you to my very recent library: a zio-http wrapper for pac4j. pac4j is an easy and powerful security framework for authenticating users, getting their profiles, and managing authorizations to secure web applications and services.

There are wrappers for numerous frameworks and libraries, such as http4s, Play, Akka HTTP and Java-world frameworks. Now we have an implementation for zio-http as well!

https://github.com/seroperson/zio-http-pac4j

#scala #zio #pac4j #jwt #oauth


Back in April, I had to fight with Pac4j adding OpenID Connect to an application that, for the first time in many projects, had a public/anonymous section.
Out of frustration, I then created my own project, and now, after months of procrastination, I'm releasing 1.0.0-rc-1:
https://github.com/tbroyer/oidc-servlets

(and before you ask, the project at work isn't using this, it's still using Pac4j)

#oidc #pac4j #OpenIDConnect #java

#Java: Popular Java Security Framework #pac4j Vulnerable to Remote Code Execution (#RCE) Critical Vulnerability CVE-2023-25581.
Great find and GitHub Advisory by @artsploit:
👇
https://securityonline.info/popular-java-security-framework-pac4j-vulnerable-to-rce-cve-2023-25581/

connect2id's Nimbus OAuth2/OIDC SDK is underrated, particularly as a direct dependency!

https://connect2id.com/products/nimbus-oauth-openid-connect-sdk

Many people use it through Spring Security or Pac4j, but the lib is relatively easy to use directly (particularly if you know the protocols) and can be used to add OIDC support to Java apps with much less complexity than the Spring or Pac4j authentication frameworks (but at the cost of having to handle some of the web security yourself, mainly around CSRF).

#Java #OAuth2 #OIDC #OpenIDConnect #SpringSecurity #Pac4j
