RestBridge/authenticate.bbj at master · mayuraudev/RestBridge · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
use java.util.Date
use com.auth0.jwt.JWT
use com.auth0.jwt.algorithms.Algorithm
use com.auth0.jwt.exceptions.JWTCreationException
use com.auth0.jwt.interfaces.DecodedJWT
use com.auth0.jwt.interfaces.JWTVerifier
use com.basiscomponents.db.DataRow
ENTER

    if jwt$>"" then

        rem TODO: adjust these things according to your application's needs:
        secret$="your-256-bit-secret"
        algorithm! = Algorithm.HMAC256(secret$)

        verifier! = JWT.require(algorithm!).build()
        jwt! = verifier!.verify(jwt$,err=jwt_failed)
        authenticated=1
        payload$ = java.util.Base64.getDecoder().decode(jwt!.getPayload())
        jwtpayload! = DataRow.fromJson(payload$)

        rem setting user$ to the JWT subject string
        rem if the username is required later and it's in the payload this would probably be the best place to set user$

        user$=jwt!.getSubject()

        rem storing the payload as a DataRow into the object table
        rem if you need it later, simply use something like this:
        rem
        rem jwtpayload! = BBjAPI().getObjectTable().get("JWTPAYLOAD")
        BBjAPI().getObjectTable().put("JWTPAYLOAD",jwtpayload!)

        rem if your payload is needed in original json, we also put the payload$ into an STBL
        dummy$=STBL("JWTPAYLOAD",payload$)
    else
        rem in this place authenticate against the Admin API
        adminAPI! = BBjAPI().getAdmin(user$,password$,err=*next)
        if adminAPI! = null() then
            throw "Wrong username and/or password",25
        else
            authenticated=1
            adminAPI!.release()
        endif
    endif

END

jwt_failed:
    emes$=errmes(-1)
    if pos(":"=emes$)>0 then
        emes$=cvs(emes$(pos(":"=emes$)+1),3)
    endif
    throw emes$,25


ON_REQUEST:
	rem This label gets called when a request has been made to the RestBridge

	exit


ON_CLEANUP:
	rem This label gets called right before the RestBCAdapter program ends,
	rem and is meant to perform some cleanup operations

	exit


ISSUE_JWT:
    enter

    rem TODO: adjust these things according to your application's needs:
    secret$="your-256-bit-secret"
    issuer$="BBj REST Bridge Plug-In"
    audience$="You"

    rem make it expire in one day
    expires_in = 24*60*60*1000

    algorithm! = Algorithm.HMAC256(secret$)

    exp! = new Date(System.currentTimeMillis()+expires_in)

    t! = JWT.create()
    t!.withIssuer(issuer$)
    t!.withAudience(audience$)
    t!.withSubject(user$)
    t!.withExpiresAt(exp!)

    rem you can set additional payload values
    rem t!.withClaim("foo","bar")

    token$=t!.sign(algorithm!)

    token_rec!.setFieldValue("access_token",token$)
    token_rec!.setFieldValue("expires_in",expires_in)
    token_rec!.setFieldValue("expires",exp!.toString())
    exit