Service Virtualization

  • 1.  Generate JWT token for a virtual service

    Posted Sep 09, 2019 11:16 AM
    Hi,

    Is there a way to generate JWT token for a virtual service ?

    Thanks,
    Anand


  • 2.  RE: Generate JWT token for a virtual service

    Posted Sep 10, 2019 12:05 AM

    Hi Anand,

    You can use Unique Code Generator under DataSet, which will generate an alphanumeric JWT for you.
    As a JWT is a combination of header.payload.signature, you need to use 3 different Unique Code Generators and store all in one property by combining them, including the "."
     

    PFB:




  • 3.  RE: Generate JWT token for a virtual service

    Posted Sep 10, 2019 10:42 AM
    Hi Sabir,

    Thanks for your response. However, I am looking to generate JWT token from my virtual service which my application under test can decode and consume.

    Regards,
    Anand


  • 4.  RE: Generate JWT token for a virtual service

    Broadcom Employee
    Posted Sep 10, 2019 01:52 PM
    Hi Anand,

    Are you accessing any URL in your VSM to get a JWT token and use that in your VSI response, which your application can decode?

    Could you share your VSM screenshot ?

    Prema




  • 5.  RE: Generate JWT token for a virtual service

    Posted Sep 11, 2019 12:33 PM
    Hi Prema,

    I am not accessing any URL or external service in my VSM. I would like to generate JWT from my virtual service itself.

    Thanks,
    Anand


  • 6.  RE: Generate JWT token for a virtual service

    Posted Sep 11, 2019 01:59 AM

    Hi Anand,

     

    Not OOTB, this will have to be done in a script.

     

    But you will need to know some of the specifics of how JWT is used between your server (the one you are virtualizing) and your clients.

    For the JWT header: you need to know which algorithm(s) can be used

    For the JWT payload: you need to know which fields (claims) are expected, especially if there are custom claims involved

    For the JWT signature: you will need a private key that is accepted by the client, i.e. for which the client has its public key counterpart. (This I found is often the tricky part because as SV engineers we are often not allowed to know and/or use the production private key)

     

    Cheers,

    Danny

     

    ::DISCLAIMER::

    The contents of this e-mail and any attachment(s) are confidential and intended for the named recipient(s) only. E-mail transmission is not guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or may contain viruses in transmission. The e mail and its contents (with or without referred errors) shall therefore not attach any liability on the originator or HCL or its affiliates. Views or opinions, if any, presented in this email are solely those of the author and may not necessarily reflect the views or opinions of HCL or its affiliates. Any form of reproduction, dissemination, copying, disclosure, modification, distribution and / or publication of this message without the prior written consent of authorized representative of HCL is strictly prohibited. If you have received this email in error please delete it and notify the sender immediately. Before opening any email and/or attachments, please check them for viruses and other defects.






  • 7.  RE: Generate JWT token for a virtual service

    Posted Sep 11, 2019 12:37 PM
    Hi Danny,

    I understand this might not be available OOTB. How can it be implemented in a script ?

    For example if I make following request to the VS :

    Request :-
    curl -X POST http://{{VSEHost}}:{{VSEPort}}/api/v1/auth -H 'Authorization: Basic aBcdEgGhigk==' -H 'Content-Type: application/json' -d '{"username":"test001@example.com","password":"Xyz#123"}'

    Response match criteria based on field "username" with "userEmail" in the JWT Payload:-

    Response :-
    { "token_type": "Bearer", "expires_in": 7200, "authToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWJzY3JpcHRpb25BY2NvdW50TnVtYmVyIjoiMTIzNDU2NyIsInN0YXR1cyI6IkFDVElWRSIsInVzZXJFbWFpbCI6InRlc3QwMDFAZXhhbXBsZS5jb20iLCJuYW1lIjoiSm9obiBEb2UiLCJzdWJzY3JpcHRpb25JZCI6IjAwMSJ9.nKhilOT0-0ZKoKCr8-vvyuuNZ0gPjJSkxXBTZhK30Zs", "scope": "abc1"}

    Where "authToken" should be a VALID JWT token.  ( https://jwt.io/ )

    JWT Header:
    {
    "typ": "JWT",
    "alg": "HS256"
    }

    JWT Payload:
    {
    "subscriptionAccountNumber": "1234567",
    "status": "ACTIVE",
    "userEmail": "test001@example.com",
    "name": "John Doe",
    "subscriptionId": "001"
    }

    JWT signature : secret (I have the secret key for the system I need to virtualize)

    I don't really care about any field values except for the userEmail "test001@example.com", which would be my match criteria with the username from the request body (attribute).

    Thank You,
    Anand


  • 8.  RE: Generate JWT token for a virtual service
    Best Answer

    Posted Sep 12, 2019 09:07 AM

    Hi Anand,

     

    I am making the assumption that you already have a virtual service configured with the JSON DPH. So, you would have inside the virtual service an incoming request with an argument called "username".

     

    Add a Request Data Copier DPH after the JSON DPH in the listen step, and copy all arguments to properties using the prefix "request_". So now during execution you have the property "request_username" available inside your script.

     

    To avoid hardcoded JWT content I would also create 2 properties in your config file:

    • "JWT_Header"= { "typ": "JWT", "alg": "HS256" }
    • "JWT_Payload"= { "subscriptionAccountNumber": "1234567", "status": "ACTIVE", "userEmail": "{{request_username}}", "name": "John Doe", "subscriptionId": "001" }

     

    And you will also have to make your secret key available, so my assumption below is you also provided it in your config file (as an example below):

    • "JWT_SecretKey"= 0393e944ee8108bb66fc9fa4f99f9c862481e9e0519e18232ba61b0767eee8c6

     

    The Response in your VSI should look like:

    {
      "token_type": "Bearer",
      "expires_in": 7200,
      "authToken": "{{JWT_Token}}",
      "scope": "abc1"
    }

     

    Then add a script step to your VSM with following script:

     

    import javax.crypto.spec.SecretKeySpec;
    import javax.crypto.Mac;
    import java.nio.charset.StandardCharsets;
    import java.util.Base64;

    // JWT segments are base64url WITHOUT '=' padding, hence withoutPadding() on every encode.

    // Encode the JWT_Header
    String encodedJWT_header = Base64.getUrlEncoder().withoutPadding().encodeToString(JWT_Header.getBytes(StandardCharsets.UTF_8));

    // Replace userEmail in JWT_Payload with request value, then encode JWT_Payload
    String parsedJWT_Payload = testExec.parseInState(JWT_Payload);
    String encodedJWT_Payload = Base64.getUrlEncoder().withoutPadding().encodeToString(parsedJWT_Payload.getBytes(StandardCharsets.UTF_8));

    // Create JWT_Signature (HMAC-SHA256 over "header.payload"), then encode
    Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
    sha256_HMAC.init(new SecretKeySpec(JWT_SecretKey.getBytes(StandardCharsets.UTF_8), "HmacSHA256"));
    byte[] signature = sha256_HMAC.doFinal((encodedJWT_header + '.' + encodedJWT_Payload).getBytes(StandardCharsets.UTF_8));
    String encodedJWT_Signature = Base64.getUrlEncoder().withoutPadding().encodeToString(signature);

    // Create token and store as property in virtual service runtime
    String JWT_Token = encodedJWT_header + '.' + encodedJWT_Payload + '.' + encodedJWT_Signature;
    testExec.setStateValue("JWT_Token", JWT_Token);

     

     

    Unfortunately, the above script is not tested

     

     

    Cheers,

    Danny
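
    An added example, not part of the original posts and not DevTest code: a Python stand-in for the consuming application, showing the strict HS256 check the virtual service's token has to pass. The three property values are copied from the post above; the function names are this example's own. RFC 7515 specifies base64url with the trailing "=" omitted, and a 32-byte HMAC-SHA256 signature always gains one "=" under padded encoding, so the `pad=True` path models what a padded encoder would emit.

```python
import base64
import hashlib
import hmac
import json

# Property values copied from the post above.
JWT_HEADER = '{ "typ": "JWT", "alg": "HS256" }'
JWT_PAYLOAD = ('{ "subscriptionAccountNumber": "1234567", "status": "ACTIVE", '
               '"userEmail": "{{request_username}}", "name": "John Doe", '
               '"subscriptionId": "001" }')
JWT_SECRET_KEY = "0393e944ee8108bb66fc9fa4f99f9c862481e9e0519e18232ba61b0767eee8c6"


def b64url(data: bytes, pad: bool = False) -> str:
    """base64url; JWT (RFC 7515) omits the trailing '=' padding."""
    text = base64.urlsafe_b64encode(data).decode("ascii")
    return text if pad else text.rstrip("=")


def b64url_decode(segment: str) -> bytes:
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def sign(signing_input: str, secret: str) -> bytes:
    # Like the script, the key is the property string's bytes, not hex-decoded.
    return hmac.new(secret.encode(), signing_input.encode("ascii"), hashlib.sha256).digest()


def build_token(username: str, pad: bool = False) -> str:
    """Same steps as the script step: substitute, encode, sign, join."""
    payload = JWT_PAYLOAD.replace("{{request_username}}", username)
    signing_input = b64url(JWT_HEADER.encode(), pad) + "." + b64url(payload.encode(), pad)
    return signing_input + "." + b64url(sign(signing_input, JWT_SECRET_KEY), pad)


def verify_token(token: str, secret: str) -> dict:
    """Strict consumer-side check; returns the claims or raises ValueError."""
    parts = token.split(".")
    if len(parts) != 3 or any("=" in p for p in parts):
        raise ValueError("malformed token: need three unpadded base64url segments")
    header_b64, payload_b64, sig_b64 = parts
    # Pin the algorithm instead of letting the token header choose it.
    if json.loads(b64url_decode(header_b64)).get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = sign(header_b64 + "." + payload_b64, secret)
    if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    return json.loads(b64url_decode(payload_b64))
```

    Running `verify_token` against the `authToken` value returned by the deployed virtual service is a quick check before pointing the application under test at it.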

     
