Alexandre Faria Software Architect

About me

Software Engineer since 2005, I am currently working for Decathlon group. As a developer, I am more interested in the back side, especially on APIs and authentication/security topics. Sharing knowledge is what I prefer in my daily job. Open source world is also a fascinating topic for me.

Code

Backend developer, I am mostly used to develop in Java, using reactive stack. I also like to develop in golang which is a powerful and easy to learn language, despite not being a functional language.

Tools

Obviously I am familiar with GIT. My favourite IDE is IntelliJ/Goland and play sometimes with VS Code. I am also familiar with Docker, which, as for GIT, is a must know for any developer today.

Specs

Any good software must provide ReST or GraphQL APIs. I spent many time reading and understanding oauth2/openid specifications and finally decide to go deeper by contributing part of them into and open source solution (see projects).

Talks

Securing your API - From basics to beyond

In this talk, I speak about some basics actions to secure your API. Keeping in mind that an API remains a web application, without html/javascript, I will do a demo of SQL injection and then quickly review the OWASP top 10 application security risks. From there I zoom on authentication doing a focus on oauth2/OpenID Connect. Stepping to API Management, I deep dive on some features that can help us to secure our APIs.

Check it out Sessions

Projects Contributions

Gravitee.io

Gravitee.io is an open source API platform, providing a flexible, lightweight and blazing-fast open source API Management solution as well as an Authorization Server (called Access Management) that helps organization to finely control who, when and how users access to APIs. Here my main contributions are on the AM side, as it is related to oauth2/oidc.

Check it out