Secure File-Sharing APIs

Shareable File URLs

This project is part of the liveProject series Secure File-Sharing APIs with AWS S3
prerequisites
basics of Java Spring Boot and Spring Security
skills learned
add JWT-based user authentication • macaroons-based authorization
Sashank Dara
1 week · 6-8 hours per week · BEGINNER


Help ShareSafe’s customers share with confidence. You’re a developer for a company that provides online file-sharing-as-a-service. Its users can upload and share personal documents, photos, and videos onto ShareSafe’s website using APIs. Your task is to add security to ShareSafe’s file-transfer REST API service. You’ll implement a user-authentication layer using JSON Web Tokens (JWTs), provide authorization for shareable URLs by establishing the relationship between users and files, and leverage macaroons (cryptographic cookies) to provide a secure way for users to share files.

This project is designed for learning purposes and is not a complete, production-ready application or solution.

book resources

When you start your liveProject, you get full access to the following books for 90 days.

project author

Sashank Dara

Sashank Dara received his PhD in cybersecurity from IIIT-Bangalore in the area of applied cryptography and threat intelligence. He’s an expert cybersecurity technologist with more than 17 years of experience in the field, including as a consultant advisor for Manipal Global Education Services’ cybersecurity programs and as a security technology and strategy advisor for security startups including Appknox, Haltdos, and SecurityJourney.com. He remains a trusted information security consultant and advisor for top companies in EdTech, IT/ITes, academia, and real estate. He’s the co-inventor of 5 U.S. patents (and 3 IETF drafts) in the areas of cloud, SDN, and NFV security, and he’s published more than a dozen research papers at IEEE and LNCS conferences in the areas of cloud security, privacy, cryptography, and threat intelligence. A prolific speaker at security conferences and invited talks, Dara is currently the CTO and co-founder of Seconize, an award-winning cybersecurity startup pioneering a cyber risk and compliance management SaaS product suite.

prerequisites

This liveProject is for programmers who are familiar with basic REST APIs and Java and would like to learn ways to add security to a simple file-sharing REST API. To begin this liveProject you’ll need to be familiar with the following:

TOOLS
  • Basics of Java
  • Basics of Spring
  • Basics of JDBC
  • Basics of AWS S3
  • Testing APIs via Postman
  • Command line basics of any Linux-hosted system
TECHNIQUES
  • Basic debugging
  • Code reviews
  • Code refactoring
  • Unit testing
  • Security testing

you will learn

In this liveProject, you’ll learn to add security to a simple file-sharing REST API with capability-based authorization, using secure coding and testing practices.

  • Understand the shared responsibility model of cloud security
  • Understand the ShareSafe API specified in OpenAPI Specification 3.0 using Swagger
  • Set up the environment to implement the API specification provided using Java Spring
  • Implement user identity and authentication using JWTs
  • Use the AWS S3 Java SDK and APIs for a cloud-based file storage service
  • Implement shareable and time-bound URLs for authorization using macaroons
  • Test the functionality of the reference API implementation using Postman

features

Self-paced
You choose the schedule and decide how much time to invest as you build your project.
Project roadmap
Each project is divided into several achievable steps.
Get Help
While within the liveProject platform, get help from other participants and our expert mentors.
Compare with others
For each step, compare your deliverable to the solutions by the author and other participants.
Book resources
Get full access to select books for 90 days. Permanent access to excerpts from Manning products is also included, as well as references to other resources.
