Expand my Community achievements bar.

How to migrate to new OAuth Server-to-Server credentials

Avatar

Level 1
Level 1
12/20/24 8:11:46 AM

Dear Adobe Community,

 

Currently we are connecting to Livestream using JWT token generation method. Below is method which is used to generate token using Adobe Project details and secret.key file in Java.

 

===================================================================

public String getJWTToken()
throws NoSuchAlgorithmException, InvalidKeySpecException, IOException {
// Load relevant properties from prop file
String orgId = AdobeConstants.orgId;
String technicalAccountId = AdobeConstants.technicalAccountId;
String apiKey = AdobeConstants.apiKey;
String keyPath = AdobeConstants.key_path;
String imsHost = AdobeConstants.imsHost;
// Expiration time in seconds 24 hours
Long expirationTime = System.currentTimeMillis() / 1000 + AdobeConstants.tokenExpiry;
// Metascopes associated to key
String metascopes[] = AdobeConstants.metascopes.split(",");


// Secret key as byte array. Secret key file should be in DER encoded format.
// byte[] privateKeyFileContent = Files.readAllBytes(Paths.get(keyPath));
// byte[] privateKeyFileContent = getSecret();


InputStream stream = AdobeClient.class.getResourceAsStream("/secret.key");
byte[] privateKeyFileContent = IOUtils.toByteArray(stream);
// Read the private key
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
KeySpec ks = new PKCS8EncodedKeySpec(privateKeyFileContent);
RSAPrivateKey privateKey = (RSAPrivateKey) keyFactory.generatePrivate(ks);

// Create JWT payload
Map<String, Object> jwtClaims = new HashMap<>();
jwtClaims.put("iss", orgId);
jwtClaims.put("sub", technicalAccountId);
jwtClaims.put("exp", expirationTime);
jwtClaims.put("aud", "https://" + imsHost + "/c/" + apiKey);
for(String metascope : metascopes) {
jwtClaims.put("https://" + imsHost + "/s/" + metascope, TRUE);
}

SignatureAlgorithm sa = SignatureAlgorithm.RS256;
// Create the final JWT token
String jwtToken = Jwts.builder().setClaims(jwtClaims).signWith(sa, privateKey).compact();

return jwtToken;
}

=======================================================================

I am new to Java, hence not sure on what changes to make to generate token using Oauth Server credentials. 

Any pointer appreciated?

 

Thank you.

Views

434

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
1 Reply

Avatar

Employee
Employee
12/22/24 7:00:55 AM

Service Account (JWT) credential had a 2 step process to generate tokens - 

  1. Generate a signed JWT (that's what the code above does)
  2. Exchange signed JWT with Adobe IMS to get an access token. (not in the code above)

 

The new OAuth Server-to-Server credential has only one step 

  1. Call Adobe IMS with your client id and secret to get an access token - see doc

 

In your codebase, you probably have to find the place where the jwtToken returned by your function is exchanged with a token from Adobe. Once you have identified where the second step is happening, both the steps then need to be replaced with a single step to fetch access tokens.


Hope this helps
Thanks
Manik

Views

363

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Magento migrate from version 2.4.5 to 2.4.6 Solved

Views

624

Likes

0

Replies

6
InDesign C++ SDK: How to Programmatically Create or Resize Primary Text Frame?

Views

93

Likes

0

Replies

2
Access to Photoshop API

Views

66

Likes

0

Replies

0
Hyperlinks in pdf to excel files on my dropbox

Views

194

Likes

0

Replies

1
Need help Testing a New created Starter (Helloworld) plugin

Views

210

Likes

0

Replies

1