{
"alg": "RS256" – JWT Signing algorithm
"typ": "JWT", - JWT
"kid": "<app key>" - User key from the application
}
{
"iat": 1548189000, - Timestamp that identifies when the JWT was issued
"jti": "b3t567895-r56y-7659-5t6i-t67y64456784",
- A nonce ensuring that this JWT can be used only once
}
RSA Private Key converted to PKCS#8 Private Key signed with RSA-256 hashing algorithm
import com.sap.gateway.ip.core.customdev.util.Message;
import java.util.HashMap;
import io.jsonwebtoken.*
import com.sap.it.api.ITApiFactory;
import java.util.Base64
import java.security.spec.PKCS8EncodedKeySpec
import com.sap.it.api.keystore.KeystoreService;
import java.security.KeyFactory
import java.security.Key;
import java.math.BigDecimal
//Get the timestamp with validity of 1 minute from now
def timeStamp = (System.currentTimeMillis() / 1000 + 60)
timeStamp = timeStamp.setScale(0, BigDecimal.ROUND_DOWN);
//Get the JWT ID and User key from exchange property
jwtid = message.getProperty("JWT_ID")
userKey = message.getProperty("UserKey")
String jsonString = """{"iat":${timeStamp}, "jti":"${jwtid}"}""";
Key privateKey = keyService.getKey("rsa_private_key");
//Encode the key in Base 64
def base64EncodedPrivateKey = (Base64.getEncoder().encode(privateKey.getEncoded()));
//Create an instance of PKCS8EncodedKeySpec with the given encoded key
def pkcs8KeySpec = new PKCS8EncodedKeySpec(base64EncodedPrivateKey)
//Get an instance of KeyFactory to convert keys to RSA algorithm
def pkcs8KeyFactory = KeyFactory.getInstance("RSA")
//Generate a private key in PKCS8 format
def pkcs8Key = pkcs8KeyFactory.generatePrivate(pkcs8KeySpec)
String jwtToken = Jwts.builder()
.setHeaderParam("typ","JWT")
.setHeaderParam("alg","RS256")
.setHeaderParam("kid",userKey)
.setPayload(jsonString)
.signWith(SignatureAlgorithm.RS256, pkcs8Key)
.compact();
//Assign the token to message body
message.body = jwtToken
//Get the timestamp of 1 minute from now
def timeStamp = (System.currentTimeMillis() / 1000 + 60)
timeStamp = timeStamp.setScale(0, BigDecimal.ROUND_DOWN);
jwtid = UUID.randomUUID().toString()
Regards,
ArunKumar Balakrishnan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
34 | |
13 | |
11 | |
11 | |
10 | |
9 | |
9 | |
9 | |
8 | |
7 |