This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

JWE -> Direct Key working sample

Posted on 03-04-2021 10:43 PM
API-Evangelist
Silver 5
Silver 5
Reply posted on --/--/---- --:-- AM

Hello Team,

Any one made JWE work for Direct Key on OPDK 4.50? Seeing lot of interesting issues. Is it my mis-understanding of the usage?

Simple Generate/validate is throwing below error.. Any suggestions?

==

{"fault":{"faultstring":"No Algorithm found in JOSE Header: policy(VJ-JWT)","detail":{"errorcode":"steps.jwt.NoAlgorithmFoundInHeader"}}}

==

1.Why does there is a restriction on OutputVariable?? Can't we use any other variable example- jwt.output?

2.General question say if we use a client id for a given claim while generating how do we validate it when req comes with only JWE

/token generate jwe (with claim of client id )

/resource validate jwe (how do u validate?)

3.Side by Side Generate & validate works fine - silly

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<GenerateJWT name="GJ-Token">
	<Algorithms>
		<Key>dir</Key>
		<Content>A256CBC-HS512</Content>
	</Algorithms>
	<!--Directkey requires encoded key of the exact length required. For A256CBC-HS512, that means 64 bytes -->
	<DirectKey>
		<Value encoding="base64" ref="private.Key"/>
	</DirectKey>
	<!--<Subject ref="verifyapikey.VA-ClientId.client_id"/>-->
	<Subject ref="private.subject"/>
	<Issuer ref="private.issuer"/>
	<Audience ref="private.audience"/>
	<ExpiresIn>10m</ExpiresIn>
	<OutputVariable>output-jwt</OutputVariable>
</GenerateJWT>

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<VerifyJWT async="false" continueOnError="false" enabled="true" name="VJ-JWT">
	<DisplayName>VJ-JWT</DisplayName>
	<Source>output-jwt</Source>
	<Algorithms>
		<Key>dir</Key>
	</Algorithms>
	<DirectKey>
		<Value encoding="base64" ref="private.Key"/>
	</DirectKey>
	<Subject ref="private.subject"/>
	<Issuer ref="private.issuer"/>
	<Audience ref="private.audience"/>
</VerifyJWT>

or

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<VerifyJWT async="false" continueOnError="false" enabled="true" name="VJ-JWT">
    <DisplayName>VJ-JWT</DisplayName>
    <Source>output-jwt</Source>
    <Algorithms>
        <Key>dir</Key>
        <Content>A256CBC-HS512</Content>
    </Algorithms>
    <DirectKey>
        <Value encoding="base64" ref="private.Key"/>
    </DirectKey>
    <Subject ref="private.subject"/>
    <Issuer ref="private.issuer"/>
    <Audience ref="private.audience"/>
   
</VerifyJWT>
0 6 792
Topic Labels
0 Likes
6 REPLIES 6
Top Solution Authors
View all