nuxeo-js-client - OAuth 2 JWT Flow authentification - SOLVED
Hi people,
I want to use a JWT token witch come from a specific API REST server in my angular 7 app to connect to nuxeo server through nuxeo-js-client and OAuth 2 JWT Flow** but I don't have an example. There are not a real example on how to implement OAuth 2 JWT Flow.
Nuxeo server side I use nuxeo.jwt.secret
in nuxeo.conf to exchange secret between API REST and Nuxeo server to decode the JWT nuxeo side.
Thanks for help
Hi Thomas Roger,
I tried this code to force jwtToken but in http POST parameters there is not assertion
but code
, so I get http status 500
if (jwtToken !== null) {
Nuxeo.oauth2.fetchAccessToken(this.nuxeoUri, this.clienId, jwtToken, {
grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
}).then(function(myToken) {
this.nuxeoClient = new Nuxeo({
baseURL: this.nuxeoUri,
apiPath: this.nuxeoApi,
auth: {
method: 'bearerToken',
token: myToken,
},
// Activation du CORS
headers: this.defaultHeader,
});
});
}
In http POST parameters :
**code** eyJhbGciOiJIUzI1NiJ9.eyJzdWIi....
grant_type urn:ietf:params:oauth:grant-type:jwt-bearer
client_id Ng2
Thanks
Hey Thomas Roger, Thanks for your reply. I progress on my angular 7 app and nuxeo-js-client and I want to use JWT for authentication. So how to use OAuth2 flow in nuxeo-js-client ?
var code = ...
Nuxeo.oauth2.fetchAccessToken('http://localhost:8080/nuxeo', 'my-app', code, {
redirect_uri: 'http://localhost:8000/authorize',
}).then(function(token) {
// do something with the access token
var nuxeo = new Nuxeo({
auth: {
method: 'bearerToken',
token: token
}
});
});
Where can I use differents attributs like grant_type
, assertion
, etc.. It seems nuxeo-js-client have not implementation for use OAuth2 flow for requesting an Access Token with a JWT like
var jwtToken = ...
Nuxeo.oauth2.fetchAccessToken('http://localhost:8080/nuxeo', 'my-app', jwtToken).then(function(token) {
// do something with the access token
var nuxeo = new Nuxeo({
auth: {
method: 'bearerToken',
token: token
}
});
});
I Opend an issue to make a little update on nuxeo-js-client : https://github.com/nuxeo/nuxeo-js-client/issues/88
Thanks for help
Hi,
I'm not sure I correctly understand what you want to achieve, but here are some thoughts:
Assuming you have a JWT token that can be read by the Nuxeo server (same JWT shared secret on the Nuxeo server and the specific API REST server), you need to do the OAuth2 flow with urn:ietf:params:oauth:grant-type:jwt-bearer
as grant_type
:
POST https://NUXEO_SERVER/nuxeo/oauth2/token?grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer
&client_id=myApp&assertion=JWT_TOKEN
See https://doc.nuxeo.com/nxdoc/using-oauth2/#requesting-an-access-token-with-a-jwt