What is OAuth2?
Who uses OAuth2?
Here are some stack decisions, common use cases and reviews by companies and developers who chose OAuth2 in their tech stack.
We use Quarkus with native compilation in GraalVM for our global REST-API "Charon", that can be used by every developer to request user, server and game-data (protected through OAuth2). Quarkus offers a reliable framework, library and stack for high-quality APIs and integrates Vert.x into its core.
GraalVM pushes the performance boundaries even further with the ability to perform ahead-of-time native compilation so we can reach an incredible small memory-footprint and fast bootup-times that we need for our microservices architecture.
As the access to our global REST-API "Charon" is bound to OAuth2, we use Keycloak inside Quarkus to authenticate and authorize users of our API. It is not possible to perform any un-authenticated requests against this API, so we wanted to make really sure that the authentication/authorization component is absolutely reliable and tested. We found those attributes within Keycloak, so we used it.
My teammates and I are arguing on which library to use for our local and social authentication in our express app between OAuth2 and Passport. I went for Passport cause I personally like it, and it seems easier to implement with good docs, but some of my teammates think it's less secure than OAuth2. So any advice please would be appreciated. Thanks 🙏🏻