Abstract
JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties. JWT.io libraries were used in this sample to generate the JWT.
The service credentials that you have downloaded in the previous step contains the private key in the PKCS#1 format.To extract the private key from this string we have used BouncyCastle libraries. The crypto libraires that are part of java do not support PKCS#1 format.
The following code was used to generate the JWT:
public String getJWTToken()
{
Security.addProvider(new BouncyCastleProvider());
RSAPrivateKey privateKey = null;
GetServiceCredentials getCredentials = new GetServiceCredentials();
try
{
long now = System.currentTimeMillis();
Long expirationTime = now + TimeUnit.MINUTES.toMillis(5);
// get the private key string from the service credentials
String privateKeyString = getCredentials.getPRIVATE_KEY();
//The JWT signature algorithm we will be using to sign the token
SignatureAlgorithm sa = SignatureAlgorithm.RS256;
Reader targetReader = new StringReader(privateKeyString);
// PEMParser removes the unnecessary headers and decodes the underlying Base64 PEM data into a binary format.
PEMParser pemParser = new PEMParser(targetReader);
// tores the result generated by the pEMParser
Object object = pemParser.readObject();
JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
KeyPair kp = converter.getKeyPair((PEMKeyPair) object);
privateKey = (RSAPrivateKey) kp.getPrivate();
//Let's set the JWT Claims
Map < String, Object > jwtClaims = new HashMap < String, Object > ();
jwtClaims.put("iss", getCredentials.getORG_ID());
jwtClaims.put("sub", getCredentials.getTECH_ACCT());
jwtClaims.put("exp", expirationTime);
jwtClaims.put("aud", "https://" + getCredentials.getIMS_ENDPOINT() + "/c/" + getCredentials.getCLIENT_ID());
String metascopes[] = new String[] { getCredentials.getMETASCOPE_ID() };
for (String metascope: metascopes)
{
jwtClaims.put("https://" + getCredentials.getIMS_ENDPOINT() + "/s/" + metascope, java.lang.Boolean.TRUE);
}
// Create the final JWT token
String jwtToken = Jwts.builder().setClaims(jwtClaims).signWith(sa, privateKey).compact();
System.out.println("Got JWT Token " + jwtToken);
pemParser.close();
return jwtToken;
} catch (IOException e) {
System.out.println("The error is " + e.getMessage());
}
return null;
}
Read Full Blog
Q&A
Please use this thread to ask the related questions.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.