Layer7 API Management

  • Private Community
 View Only

  • 1.  Encode json web token properties

    Posted Dec 28, 2017 06:29 PM

    Hi,

    I am using Encode Json Web Token Properties assertion to generate a jwt using a json response .I want to sign the payload using a private key



  • 2.  Re: Encode json web token properties

    Posted Dec 29, 2017 03:54 AM

    Hi Pavan,

     

    Here is an example with a policy which shows how to encode and decode json web token.

     

    https://support.ca.com/us/knowledge-base-articles.TEC1767959.html

     

    Regards

    Seenu Mathew



  • 3.  Re: Encode json web token properties

    Posted Mar 12, 2018 02:35 PM

    Thanks Seenu.



  • 4.  Re: Encode json web token properties

    Posted Feb 21, 2018 01:37 PM

    Hi Seenu,

    When policy is changed to use default ssl key, which is created in the policy using Create JSON Web Key following error is displayed:

    <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
    <soapenv:Body>
    <soapenv:Fault>
    <faultcode>soapenv:Server</faultcode>
    <faultstring>Policy Falsified</faultstring>
    <faultactor>https://ssg05.cibc.com:8443/russ</faultactor>
    <detail>
    <l7:policyResult xmlns:l7="http://www.layer7tech.com/ws/policy/fault" xmlns:l7p="http://www.layer7tech.com/ws/policy" status="Error in Assertion Processing">
    <l7:assertionResult assertion="l7p:AuditAssertion" status="No Error"/>
    <l7:assertionResult assertion="l7p:FaultLevel" status="No Error"/>
    <l7:assertionResult assertion="l7p:SetVariable" status="No Error"/>
    <l7:assertionResult assertion="l7p:SetVariable" status="No Error"/>
    <l7:assertionResult assertion="l7p:AuditDetailAssertion" status="No Error">
    <l7:detailMessage id="-4">
    Context variable set {"kty" : "RSA", "k" : "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "kid" : "1"}
    </l7:detailMessage>
    </l7:assertionResult>
    <l7:assertionResult assertion="l7p:CreateJsonWebKey" status="No Error"/>
    <l7:assertionResult assertion="l7p:AuditDetailAssertion" status="No Error">
    <l7:detailMessage id="-5">
    Json web key is: { "keys" : [ { "kty" : "RSA", "kid" : "1", "use" : "sig", "n" : "nufYZX5MQM2i-a1Bu3pROWhWiuyfD3ner0cRrFYXKQRQeGMPa7oTr_oR2T5vitvVCYGX9t0G9MuRRZb6qVAvwsgvkxyv56KrR0fXFn6d0lzx3h8tC3DFriIYn9cNJESVi3QjbtD48GhqErh6ZxCaztJjAgw3W_TSV_1NF-wLArY0wN_AHWiA9ufVYZiBYpYWVlvFu2nuQPMkvE_vg5CXfYCjS0x-QbU74aZsiuCX988MpZU7bpV9q8BrHlY0WDfZ44pOsqyAhdn49Sob0D1AniaZM1iZgb-HI1dipYwT04QRNklJ44hgUM9fVqUHNZxOU2uloIwj8M5lWCTz2hpCYw", "e" : "AQAB" } ] }
    </l7:detailMessage>
    </l7:assertionResult>
    <l7:assertionResult assertion="l7p:EncodeJsonWebToken" status="Error in Assertion Processing">
    <l7:detailMessage id="10805">JOSE Error: Error parsing JSON: null</l7:detailMessage>
    <l7:detailMessage id="10813">Could not find signing key for JWS operation.</l7:detailMessage>
    </l7:assertionResult>
    <l7:assertionResult assertion="l7p:All" status="Error in Assertion Processing"/>
    </l7:policyResult>
    </detail>
    </soapenv:Fault>
    </soapenv:Body>
    </soapenv:Envelope>
    What has to be doen to use signature from the Create JSON Web Key?
    Thanks,
    Zoran


  • 5.  Re: Encode json web token properties
    Best Answer

    Broadcom Employee
    Posted Feb 22, 2018 10:13 AM

    Hello Zoran,

     

    Per  the techdoc TEC1767959the JSON Web Key contains only public information, and does not include private key or symmetric key information. As it contains only public information it cannot be used for signing.