{"id":6248,"date":"2023-06-29T05:01:03","date_gmt":"2023-06-29T05:01:03","guid":{"rendered":"https:\/\/youngitconsulting.de\/staging\/2187\/?p=6248"},"modified":"2023-07-08T09:25:23","modified_gmt":"2023-07-08T09:25:23","slug":"testtest","status":"publish","type":"post","link":"https:\/\/youngitconsulting.de\/staging\/2187\/testtest\/","title":{"rendered":"Architecture and Solutioning Series: Persisting Bearer Token Using Liferay DXPs Expendo Table Feature"},"content":{"rendered":"<h3><b>Problem statement:<\/b><\/h3>\n<p>In this particular Scenario in the existing application the SSO was implemented using Microsoft OIDC Provider with Liferay DXP. At the time of login the \u2018Microsoft OIDC provider\u2019 generated a Bearer Token which was the identifier for the authenticated user .<\/p>\n<p>This Bearer token was needed for all the further API calls to the API Gateway (which in turn called the external data source) . The API gateway used the Bearer Token to further validate the users identity and once validated it Processed the appropriate API response to the API call request .Hence we need to make it available throughout . We were not allowed to save the Token in Sessions because of security reasons.<\/p>\n<p><img fetchpriority=\"high\" decoding=\"async\" src=\"https:\/\/learn.microsoft.com\/en-us\/azure\/active-directory\/develop\/media\/v2-protocols-oidc\/convergence-scenarios-webapp.svg\" alt=\"Swim-lane diagram showing the OpenID Connect protocol's sign-in flow.\" width=\"1077\" height=\"542\" \/><\/p>\n<p>Reference : https:\/\/learn.microsoft.com\/en-us\/azure\/active-directory\/develop\/v2-protocols-oidc<\/p>\n<h3><b>Conditions:<\/b><\/h3>\n<p>Bearer Token is Unique to every login .<\/p>\n<p>Bearer Token is only available while OIDC call while login<\/p>\n<p>Bearer Token should be available for the whole logged in period<\/p>\n<h3><b>Solution:<\/b><\/h3>\n<ol>\n<li>We planned to extract the Bearer token\u00a0 at the Login time Once at the while SSO event .<\/li>\n<li>To do so we used Liferay Post Login Action Feature to catch the event .<\/li>\n<li>We Extracted the TOKEN using logic local to the application .<\/li>\n<li>We decided to use Expendo Table feature and stored in KEY &#8211; VALUE where USERID was KEY and TOKEN was VALUE<\/li>\n<li>This KEY &#8211; VALUE was UNIQUE to each user and each login .<\/li>\n<\/ol>\n<p><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/Screenshot-2023-06-29-at-11.03.37.png?resize=1098%2C581&#038;ssl=1\" alt=\"\" width=\"1098\" height=\"581\" \/><br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/Screenshot-2023-06-29-at-11.04.54.png?resize=1031%2C567&#038;ssl=1\" alt=\"\" width=\"1031\" height=\"567\" \/><br \/>\nFollowing is the Example Code snippet for the same.<\/p>\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"java\">package com.login.event.post;\r\nimport com.liferay.expando.kernel.model.ExpandoTableConstants;\r\nimport com.liferay.expando.kernel.service.ExpandoValueLocalServiceUtil;\r\nimport com.liferay.portal.kernel.events.ActionException;\r\nimport com.liferay.portal.kernel.exception.PortalException; \r\nimport com.liferay.portal.kernel.model.User; \r\nimport com.liferay.portal.kernel.service.UserLocalServiceUtil;\r\nimport com.liferay.portal.kernel.events.LifecycleAction;\r\nimport com.liferay.portal.kernel.events.LifecycleEvent;\r\nimport org.osgi.service.component.annotations.Component;\r\n\/**\r\n * \r\n * --------Author Details---------\r\n * Name:    YoungIT Consulting Services GmbH\r\n * Email:   info@YoungITConsulting.de\r\n * Address: Fleeth\u00f6rn 7, 24103 Kiel, Germany\r\n * Phone:   +491514 5682025\r\n * --------Author Details---------\r\n * \r\n *\/\r\n@Component\r\n(\r\nimmediate = true,\r\nproperty = { \"key=login.events.post\" },\r\nservice = LifecycleAction.class\r\n)\r\npublic class LoginPostAction implements LifecycleAction {\r\n    @Override\r\n    public void processLifecycleEvent(LifecycleEvent lifecycleEvent) throws ActionException {\r\n        long userId = Long.parseLong(lifecycleEvent.getRequest().getUserPrincipal().toString());\r\n        User user;\r\n        try {\r\n            user = UserLocalServiceUtil.getUser(userId);\r\n            ExpandoValueLocalServiceUtil.addValue(user.getCompanyId(), User.class.getName(), ExpandoTableConstants.DEFAULT_TABLE_NAME,\r\n                    \"bearerToken\", user.getPrimaryKey(), \"==UPDATE_TOKEN_HERE==\");\r\n        } catch (PortalException e) {\r\n            \/\/ TODO Auto-generated catch block\r\n            e.printStackTrace();\r\n        }\r\n        System.out.println(\"login.event.pre=\" + lifecycleEvent);\r\n    }<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>Problem statement: In this particular Scenario in the existing application the SSO was implemented using Microsoft OIDC Provider with Liferay DXP. At the time of login the \u2018Microsoft OIDC provider\u2019 generated a Bearer Token which was the identifier for the authenticated user . This Bearer token was needed for all the further API calls to the API Gateway (which in turn called the external data source) . The API gateway used the Bearer Token to further validate the users identity and once validated it Processed the appropriate API response to the API call request .Hence we need to make it available throughout . We were not allowed to save the Token in Sessions because of security reasons. Reference : https:\/\/learn.microsoft.com\/en-us\/azure\/active-directory\/develop\/v2-protocols-oidc Conditions: Bearer Token is Unique to every login . Bearer Token is only available while OIDC call while login Bearer Token should be available for the whole logged in period Solution: We planned to extract the Bearer token\u00a0 at the Login time Once at the while SSO event . To do so we used Liferay Post Login Action Feature to catch the event . We Extracted the TOKEN using logic local to the application . We decided to use Expendo Table feature and stored in KEY &#8211; VALUE where USERID was KEY and TOKEN was VALUE This KEY &#8211; VALUE was UNIQUE to each user and each login . Following is the Example Code snippet for the same. package com.login.event.post; import com.liferay.expando.kernel.model.ExpandoTableConstants; import com.liferay.expando.kernel.service.ExpandoValueLocalServiceUtil; import com.liferay.portal.kernel.events.ActionException; import com.liferay.portal.kernel.exception.PortalException; import com.liferay.portal.kernel.model.User; import com.liferay.portal.kernel.service.UserLocalServiceUtil; import com.liferay.portal.kernel.events.LifecycleAction; import com.liferay.portal.kernel.events.LifecycleEvent; import org.osgi.service.component.annotations.Component; \/** * * &#8212;&#8212;&#8211;Author Details&#8212;&#8212;&#8212; * Name: YoungIT Consulting Services GmbH * Email: info@YoungITConsulting.de * Address: Fleeth\u00f6rn 7, 24103 Kiel, Germany * Phone: +491514 5682025 * &#8212;&#8212;&#8211;Author Details&#8212;&#8212;&#8212; * *\/ @Component ( immediate = true, property = { &#8220;key=login.events.post&#8221; }, service = LifecycleAction.class ) public class LoginPostAction implements LifecycleAction { @Override public void processLifecycleEvent(LifecycleEvent lifecycleEvent) throws ActionException { long userId = Long.parseLong(lifecycleEvent.getRequest().getUserPrincipal().toString()); User user; try { user = UserLocalServiceUtil.getUser(userId); ExpandoValueLocalServiceUtil.addValue(user.getCompanyId(), User.class.getName(), ExpandoTableConstants.DEFAULT_TABLE_NAME, &#8220;bearerToken&#8221;, user.getPrimaryKey(), &#8220;==UPDATE_TOKEN_HERE==&#8221;); } catch (PortalException e) { \/\/ TODO Auto-generated catch block e.printStackTrace(); } System.out.println(&#8220;login.event.pre=&#8221; + lifecycleEvent); }<\/p>\n","protected":false},"author":1,"featured_media":6467,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"nf_dc_page":"","om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"site-sidebar-layout":"default","site-content-layout":"default","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"fifu_image_url":"","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[120,121],"tags":[],"class_list":["post-6248","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-android","category-mobile"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Architecture and Solutioning Series: Persisting Bearer Token Using Liferay DXPs Expendo Table Feature -<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/youngitconsulting.de\/staging\/2187\/testtest\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Architecture and Solutioning Series: Persisting Bearer Token Using Liferay DXPs Expendo Table Feature -\" \/>\n<meta property=\"og:description\" content=\"Problem statement: In this particular Scenario in the existing application the SSO was implemented using Microsoft OIDC Provider with Liferay DXP. At the time of login the \u2018Microsoft OIDC provider\u2019 generated a Bearer Token which was the identifier for the authenticated user . This Bearer token was needed for all the further API calls to the API Gateway (which in turn called the external data source) . The API gateway used the Bearer Token to further validate the users identity and once validated it Processed the appropriate API response to the API call request .Hence we need to make it available throughout . We were not allowed to save the Token in Sessions because of security reasons. Reference : https:\/\/learn.microsoft.com\/en-us\/azure\/active-directory\/develop\/v2-protocols-oidc Conditions: Bearer Token is Unique to every login . Bearer Token is only available while OIDC call while login Bearer Token should be available for the whole logged in period Solution: We planned to extract the Bearer token\u00a0 at the Login time Once at the while SSO event . To do so we used Liferay Post Login Action Feature to catch the event . We Extracted the TOKEN using logic local to the application . We decided to use Expendo Table feature and stored in KEY &#8211; VALUE where USERID was KEY and TOKEN was VALUE This KEY &#8211; VALUE was UNIQUE to each user and each login . Following is the Example Code snippet for the same. package com.login.event.post; import com.liferay.expando.kernel.model.ExpandoTableConstants; import com.liferay.expando.kernel.service.ExpandoValueLocalServiceUtil; import com.liferay.portal.kernel.events.ActionException; import com.liferay.portal.kernel.exception.PortalException; import com.liferay.portal.kernel.model.User; import com.liferay.portal.kernel.service.UserLocalServiceUtil; import com.liferay.portal.kernel.events.LifecycleAction; import com.liferay.portal.kernel.events.LifecycleEvent; import org.osgi.service.component.annotations.Component; \/** * * --------Author Details--------- * Name: YoungIT Consulting Services GmbH * Email: info@YoungITConsulting.de * Address: Fleeth\u00f6rn 7, 24103 Kiel, Germany * Phone: +491514 5682025 * --------Author Details--------- * *\/ @Component ( immediate = true, property = { &quot;key=login.events.post&quot; }, service = LifecycleAction.class ) public class LoginPostAction implements LifecycleAction { @Override public void processLifecycleEvent(LifecycleEvent lifecycleEvent) throws ActionException { long userId = Long.parseLong(lifecycleEvent.getRequest().getUserPrincipal().toString()); User user; try { user = UserLocalServiceUtil.getUser(userId); ExpandoValueLocalServiceUtil.addValue(user.getCompanyId(), User.class.getName(), ExpandoTableConstants.DEFAULT_TABLE_NAME, &quot;bearerToken&quot;, user.getPrimaryKey(), &quot;==UPDATE_TOKEN_HERE==&quot;); } catch (PortalException e) { \/\/ TODO Auto-generated catch block e.printStackTrace(); } System.out.println(&quot;login.event.pre=&quot; + lifecycleEvent); }\" \/>\n<meta property=\"og:url\" content=\"https:\/\/youngitconsulting.de\/staging\/2187\/testtest\/\" \/>\n<meta property=\"article:published_time\" content=\"2023-06-29T05:01:03+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-07-08T09:25:23+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/image-95-1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"618\" \/>\n\t<meta property=\"og:image:height\" content=\"460\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"YoungIT\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"YoungIT\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/testtest\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/testtest\\\/\"},\"author\":{\"name\":\"YoungIT\",\"@id\":\"http:\\\/\\\/izg.tnd.mybluehost.me\\\/#\\\/schema\\\/person\\\/b46ed295bea3af3f3a4c263e64c82686\"},\"headline\":\"Architecture and Solutioning Series: Persisting Bearer Token Using Liferay DXPs Expendo Table Feature\",\"datePublished\":\"2023-06-29T05:01:03+00:00\",\"dateModified\":\"2023-07-08T09:25:23+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/testtest\\\/\"},\"wordCount\":251,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/testtest\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/youngitconsulting.de\\\/staging\\\/2187\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/image-95-1.png?fit=618%2C460&ssl=1\",\"articleSection\":[\"Android\",\"Mobile\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/testtest\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/testtest\\\/\",\"url\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/testtest\\\/\",\"name\":\"Architecture and Solutioning Series: Persisting Bearer Token Using Liferay DXPs Expendo Table Feature -\",\"isPartOf\":{\"@id\":\"http:\\\/\\\/izg.tnd.mybluehost.me\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/testtest\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/testtest\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/i0.wp.com\\\/youngitconsulting.de\\\/staging\\\/2187\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/image-95-1.png?fit=618%2C460&ssl=1\",\"datePublished\":\"2023-06-29T05:01:03+00:00\",\"dateModified\":\"2023-07-08T09:25:23+00:00\",\"author\":{\"@id\":\"http:\\\/\\\/izg.tnd.mybluehost.me\\\/#\\\/schema\\\/person\\\/b46ed295bea3af3f3a4c263e64c82686\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/testtest\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/testtest\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/testtest\\\/#primaryimage\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/youngitconsulting.de\\\/staging\\\/2187\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/image-95-1.png?fit=618%2C460&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/youngitconsulting.de\\\/staging\\\/2187\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/image-95-1.png?fit=618%2C460&ssl=1\",\"width\":618,\"height\":460},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/testtest\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Architecture and Solutioning Series: Persisting Bearer Token Using Liferay DXPs Expendo Table Feature\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\\\/\\\/izg.tnd.mybluehost.me\\\/#website\",\"url\":\"http:\\\/\\\/izg.tnd.mybluehost.me\\\/\",\"name\":\"\",\"description\":\"IT Consulting , Liferay DXP , Salesforce , Java Consulting\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\\\/\\\/izg.tnd.mybluehost.me\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"http:\\\/\\\/izg.tnd.mybluehost.me\\\/#\\\/schema\\\/person\\\/b46ed295bea3af3f3a4c263e64c82686\",\"name\":\"YoungIT\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/45f6160db01519229a2463b514b42085e51d1816913b18ffa5181a439cc7999c?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/45f6160db01519229a2463b514b42085e51d1816913b18ffa5181a439cc7999c?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/45f6160db01519229a2463b514b42085e51d1816913b18ffa5181a439cc7999c?s=96&d=mm&r=g\",\"caption\":\"YoungIT\"},\"sameAs\":[\"http:\\\/\\\/box2537\\\/cgi\\\/addon_GT.cgi?s=GT::WP::Install::EIG+%28izgtndmy%29+-+127.0.0.1+%5Bnocaller%5D\"],\"url\":\"https:\\\/\\\/youngitconsulting.de\\\/staging\\\/2187\\\/author\\\/izgtndmy\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Architecture and Solutioning Series: Persisting Bearer Token Using Liferay DXPs Expendo Table Feature -","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/youngitconsulting.de\/staging\/2187\/testtest\/","og_locale":"en_US","og_type":"article","og_title":"Architecture and Solutioning Series: Persisting Bearer Token Using Liferay DXPs Expendo Table Feature -","og_description":"Problem statement: In this particular Scenario in the existing application the SSO was implemented using Microsoft OIDC Provider with Liferay DXP. At the time of login the \u2018Microsoft OIDC provider\u2019 generated a Bearer Token which was the identifier for the authenticated user . This Bearer token was needed for all the further API calls to the API Gateway (which in turn called the external data source) . The API gateway used the Bearer Token to further validate the users identity and once validated it Processed the appropriate API response to the API call request .Hence we need to make it available throughout . We were not allowed to save the Token in Sessions because of security reasons. Reference : https:\/\/learn.microsoft.com\/en-us\/azure\/active-directory\/develop\/v2-protocols-oidc Conditions: Bearer Token is Unique to every login . Bearer Token is only available while OIDC call while login Bearer Token should be available for the whole logged in period Solution: We planned to extract the Bearer token\u00a0 at the Login time Once at the while SSO event . To do so we used Liferay Post Login Action Feature to catch the event . We Extracted the TOKEN using logic local to the application . We decided to use Expendo Table feature and stored in KEY &#8211; VALUE where USERID was KEY and TOKEN was VALUE This KEY &#8211; VALUE was UNIQUE to each user and each login . Following is the Example Code snippet for the same. package com.login.event.post; import com.liferay.expando.kernel.model.ExpandoTableConstants; import com.liferay.expando.kernel.service.ExpandoValueLocalServiceUtil; import com.liferay.portal.kernel.events.ActionException; import com.liferay.portal.kernel.exception.PortalException; import com.liferay.portal.kernel.model.User; import com.liferay.portal.kernel.service.UserLocalServiceUtil; import com.liferay.portal.kernel.events.LifecycleAction; import com.liferay.portal.kernel.events.LifecycleEvent; import org.osgi.service.component.annotations.Component; \/** * * --------Author Details--------- * Name: YoungIT Consulting Services GmbH * Email: info@YoungITConsulting.de * Address: Fleeth\u00f6rn 7, 24103 Kiel, Germany * Phone: +491514 5682025 * --------Author Details--------- * *\/ @Component ( immediate = true, property = { \"key=login.events.post\" }, service = LifecycleAction.class ) public class LoginPostAction implements LifecycleAction { @Override public void processLifecycleEvent(LifecycleEvent lifecycleEvent) throws ActionException { long userId = Long.parseLong(lifecycleEvent.getRequest().getUserPrincipal().toString()); User user; try { user = UserLocalServiceUtil.getUser(userId); ExpandoValueLocalServiceUtil.addValue(user.getCompanyId(), User.class.getName(), ExpandoTableConstants.DEFAULT_TABLE_NAME, \"bearerToken\", user.getPrimaryKey(), \"==UPDATE_TOKEN_HERE==\"); } catch (PortalException e) { \/\/ TODO Auto-generated catch block e.printStackTrace(); } System.out.println(\"login.event.pre=\" + lifecycleEvent); }","og_url":"https:\/\/youngitconsulting.de\/staging\/2187\/testtest\/","article_published_time":"2023-06-29T05:01:03+00:00","article_modified_time":"2023-07-08T09:25:23+00:00","og_image":[{"width":618,"height":460,"url":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/image-95-1.png","type":"image\/png"}],"author":"YoungIT","twitter_card":"summary_large_image","twitter_misc":{"Written by":"YoungIT","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/youngitconsulting.de\/staging\/2187\/testtest\/#article","isPartOf":{"@id":"https:\/\/youngitconsulting.de\/staging\/2187\/testtest\/"},"author":{"name":"YoungIT","@id":"http:\/\/izg.tnd.mybluehost.me\/#\/schema\/person\/b46ed295bea3af3f3a4c263e64c82686"},"headline":"Architecture and Solutioning Series: Persisting Bearer Token Using Liferay DXPs Expendo Table Feature","datePublished":"2023-06-29T05:01:03+00:00","dateModified":"2023-07-08T09:25:23+00:00","mainEntityOfPage":{"@id":"https:\/\/youngitconsulting.de\/staging\/2187\/testtest\/"},"wordCount":251,"commentCount":0,"image":{"@id":"https:\/\/youngitconsulting.de\/staging\/2187\/testtest\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/image-95-1.png?fit=618%2C460&ssl=1","articleSection":["Android","Mobile"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/youngitconsulting.de\/staging\/2187\/testtest\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/youngitconsulting.de\/staging\/2187\/testtest\/","url":"https:\/\/youngitconsulting.de\/staging\/2187\/testtest\/","name":"Architecture and Solutioning Series: Persisting Bearer Token Using Liferay DXPs Expendo Table Feature -","isPartOf":{"@id":"http:\/\/izg.tnd.mybluehost.me\/#website"},"primaryImageOfPage":{"@id":"https:\/\/youngitconsulting.de\/staging\/2187\/testtest\/#primaryimage"},"image":{"@id":"https:\/\/youngitconsulting.de\/staging\/2187\/testtest\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/image-95-1.png?fit=618%2C460&ssl=1","datePublished":"2023-06-29T05:01:03+00:00","dateModified":"2023-07-08T09:25:23+00:00","author":{"@id":"http:\/\/izg.tnd.mybluehost.me\/#\/schema\/person\/b46ed295bea3af3f3a4c263e64c82686"},"breadcrumb":{"@id":"https:\/\/youngitconsulting.de\/staging\/2187\/testtest\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/youngitconsulting.de\/staging\/2187\/testtest\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/youngitconsulting.de\/staging\/2187\/testtest\/#primaryimage","url":"https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/image-95-1.png?fit=618%2C460&ssl=1","contentUrl":"https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/image-95-1.png?fit=618%2C460&ssl=1","width":618,"height":460},{"@type":"BreadcrumbList","@id":"https:\/\/youngitconsulting.de\/staging\/2187\/testtest\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/youngitconsulting.de\/staging\/2187\/"},{"@type":"ListItem","position":2,"name":"Architecture and Solutioning Series: Persisting Bearer Token Using Liferay DXPs Expendo Table Feature"}]},{"@type":"WebSite","@id":"http:\/\/izg.tnd.mybluehost.me\/#website","url":"http:\/\/izg.tnd.mybluehost.me\/","name":"","description":"IT Consulting , Liferay DXP , Salesforce , Java Consulting","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/izg.tnd.mybluehost.me\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"http:\/\/izg.tnd.mybluehost.me\/#\/schema\/person\/b46ed295bea3af3f3a4c263e64c82686","name":"YoungIT","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/45f6160db01519229a2463b514b42085e51d1816913b18ffa5181a439cc7999c?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/45f6160db01519229a2463b514b42085e51d1816913b18ffa5181a439cc7999c?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/45f6160db01519229a2463b514b42085e51d1816913b18ffa5181a439cc7999c?s=96&d=mm&r=g","caption":"YoungIT"},"sameAs":["http:\/\/box2537\/cgi\/addon_GT.cgi?s=GT::WP::Install::EIG+%28izgtndmy%29+-+127.0.0.1+%5Bnocaller%5D"],"url":"https:\/\/youngitconsulting.de\/staging\/2187\/author\/izgtndmy\/"}]}},"jetpack_featured_media_url":"https:\/\/i0.wp.com\/youngitconsulting.de\/staging\/2187\/wp-content\/uploads\/2023\/06\/image-95-1.png?fit=618%2C460&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-json\/wp\/v2\/posts\/6248","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-json\/wp\/v2\/comments?post=6248"}],"version-history":[{"count":5,"href":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-json\/wp\/v2\/posts\/6248\/revisions"}],"predecessor-version":[{"id":7029,"href":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-json\/wp\/v2\/posts\/6248\/revisions\/7029"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-json\/wp\/v2\/media\/6467"}],"wp:attachment":[{"href":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-json\/wp\/v2\/media?parent=6248"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-json\/wp\/v2\/categories?post=6248"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/youngitconsulting.de\/staging\/2187\/wp-json\/wp\/v2\/tags?post=6248"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}