Hi all,
I have a JWT token generated from a non-secure authentication URL.
Now I have to verify whether it is valid and extract its expiry time by decoding it.
Please guide me on how to do it using a Javacallout policy vs. the Verify JWT token policy.
Hi @honey P,
You can use the `VerifyJWT` policy to validate a JWT token.
I tested and validated one JWT token generated on this link - http://jwtbuilder.jamiekurtz.com/ - using the `HS256` algorithm with the `VerifyJWT` policy below. Make changes wherever necessary, like the secret key, subject, issuer, aud etc.
```xml
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<VerifyJWT async="false" continueOnError="false" enabled="true" name="Verify-JWT-1">
    <DisplayName>Verify JWT-1</DisplayName>
    <Algorithm>HS256</Algorithm>
    <Source>authn.jwt</Source>
    <SecretKey>
        <Value ref="private.key">qwertyuiopasdfghjklzxcvbnm123456</Value>
    </SecretKey>
    <Subject>jrocket@example.com</Subject>
    <Issuer>Online JWT Builder</Issuer>
    <Audience>www.example.com</Audience>
</VerifyJWT>
```
The above policy expects the {authn.jwt} variable, which has been extracted using an ExtractVariable policy used before verifying the JWT (refer to the attached proxy bundle for the complete code). So pass your JWT token as a header in this format: `Authorization:Bearer {jwt}`.
Also note, the above policy does not check additional claims. If you wish, you can use more of the properties mentioned in this documentation - https://docs.apigee.com/api-platform/reference/policies/verify-jwt-policy#additionalclaimsclaim
Last but not least - I have attached the proxy bundle that I used to test this; you can refer to it - 68558-v1-rev2-2019-05-09.zip
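The checks involved in verifying an HS256 token and reading its expiry, as an added Python illustration that is not part of the original posts and is not Apigee's implementation. The function names are assumptions, and the sample token is constructed from the example key, issuer, subject and audience in the policy above.

```python
import base64, hashlib, hmac, json, time

# Constructed sample values; key and claims mirror the policy shown in the thread.
SECRET = b"qwertyuiopasdfghjklzxcvbnm123456"
CLAIMS = {"iss": "Online JWT Builder", "sub": "jrocket@example.com",
          "aud": "www.example.com", "exp": 2000000000}

def b64url_decode(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def hs256(secret, signing_input):
    return hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()

def make_token(claims, secret):
    """Build a constructed sample token so the example runs offline."""
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url_encode(json.dumps(claims).encode())
    return f"{header}.{payload}.{b64url_encode(hs256(secret, header + '.' + payload))}"

def verify_hs256(token, secret, issuer, subject, audience, now=None):
    """Return exp (epoch seconds) for a valid token; raise ValueError otherwise."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        signature = b64url_decode(sig_b64)
    except Exception as exc:
        raise ValueError("malformed token") from exc
    # Pin the algorithm: never let the token's own header choose it.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    # Check the signature (constant-time) before trusting any claim.
    expected = hs256(secret, header_b64 + "." + payload_b64)
    if not hmac.compare_digest(expected, signature):
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(payload_b64))
    if not isinstance(claims, dict):
        raise ValueError("claims are not a JSON object")
    aud = claims.get("aud")
    aud_list = aud if isinstance(aud, list) else [aud]
    if (claims.get("iss") != issuer or claims.get("sub") != subject
            or audience not in aud_list):
        raise ValueError("claim mismatch")
    exp = claims.get("exp")
    current = time.time() if now is None else now
    if not isinstance(exp, (int, float)) or exp <= current:
        raise ValueError("token expired or exp missing")
    return int(exp)
```

Decoding the payload alone would also reveal `exp`, but the value is only trustworthy once the signature check has passed.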
@Kuldeep Bhati: Thank you very much. I have gone through your code and it's working.
Also, I would like to know how to implement it via Javacallout. I'm looking for a jar file (jwt-signed-edge-callout.jar) that I can use in my Javacallout policy that has the below 4 properties:
```xml
<Properties>
    <Property name="algorithm">HS256</Property>
    <Property name="jwt">{token}</Property>
    <Property name="certificate">{Certificate}</Property>
    <Property name="claim_iss">{CliamIssuer}</Property>
</Properties>
```