September 2, 2022
Question

bad request error when authenticating using https://ims-na1.adobelogin.com:443/ims/exchange/jwt


Hi,

I am observing an intermittent error when trying to authenticate before using the Document Services APIs.

The error we are getting is:

"HTTP POST on resource 'https://ims-na1.adobelogin.com:443/ims/exchange/jwt' failed: bad request (400)."

The payload sent looks similar to:

------=_Part_352_233760641.1662146129018
Content-Type: text/plain
Content-Disposition: form-data; name="client_id"

xxxxxxxxxxxxxxx
------=_Part_352_233760641.1662146129018
Content-Type: text/plain
Content-Disposition: form-data; name="client_secret"

xxxxxxxxxxxxxxx
------=_Part_352_233760641.1662146129018
Content-Type: text/plain
Content-Disposition: form-data; name="jwt_token"


xxxxxxxxxxxxxxxxxxxxxxxxx
------=_Part_352_233760641.1662146129018--
 
The JWT token is generated using this Java class:

package io.adobe.solutions;

import static java.lang.Boolean.TRUE;

import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;

import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;

public class IMSClient {

    public static String getJWTToken(String orgId, String technicalAccountId, String apiKey, String keyPath, String imsHost, String[] metascopes, int requestedExpirationTime)
            throws NoSuchAlgorithmException, InvalidKeySpecException, IOException {
        // Expiration time in seconds
        Long expirationTime = System.currentTimeMillis() / 1000 + requestedExpirationTime;
        // Metascopes associated to key
        //String metascopes[] = metascopes;

        // # create the certificate and private key using openssl
        // $ openssl req -nodes -text -x509 -newkey rsa:2048 -keyout secret.pem -out
        // certificate.pem -days 356
        //
        // Upload the certificate.pem in Adobe IO Console-> Your Integration-> Public
        // keys
        //
        // # convert private key to DER format
        // $ openssl pkcs8 -topk8 -inform PEM -outform DER -in secret.pem -nocrypt >
        // secret.key

        // Secret key as byte array. Secret key file should be in DER encoded format.
        byte[] privateKeyFileContent = Files.readAllBytes(Paths.get(keyPath));

        // Read the private key
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        KeySpec ks = new PKCS8EncodedKeySpec(privateKeyFileContent);
        RSAPrivateKey privateKey = (RSAPrivateKey) keyFactory.generatePrivate(ks);

        // Create JWT payload
        Map<String, Object> jwtClaims = new HashMap<String, Object>();
        jwtClaims.put("iss", orgId);
        jwtClaims.put("sub", technicalAccountId);
        jwtClaims.put("exp", expirationTime);
        jwtClaims.put("aud", "https://" + imsHost + "/c/" + apiKey);
        for (String metascope : metascopes) {
            jwtClaims.put("https://" + imsHost + "/s/" + metascope, TRUE);
        }

        SignatureAlgorithm sa = SignatureAlgorithm.RS256;
        // Create the final JWT token
        String jwtToken = Jwts.builder().setClaims(jwtClaims).signWith(sa, privateKey).compact();

        return jwtToken;
    }

}

As I said, the issue happens from time to time and we are using the same parameters.

Any ideas how to fix this?

Thanks
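
An added diagnostic example, not part of the original post and not Adobe's code: a Python pre-flight check that decodes a token produced by `getJWTToken` above (without verifying the signature) and reports whether its header and claims have the layout that class builds. The names `check_jwt_claims` and `sample_token` and all sample values are assumptions made for illustration.

```python
import base64
import json
import time

def _segment(seg):
    """Decode one base64url JWT segment (padding restored) to a Python object."""
    return json.loads(base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4)))

def check_jwt_claims(token, ims_host, api_key, now=None):
    """List problems in the header/claims; the signature is NOT verified."""
    now = int(time.time()) if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        return ["token does not have three dot-separated segments"]
    try:
        header, claims = _segment(parts[0]), _segment(parts[1])
    except ValueError as exc:  # bad base64, bad UTF-8 or bad JSON
        return [f"segment is not base64url-encoded JSON: {exc}"]
    if not isinstance(header, dict) or not isinstance(claims, dict):
        return ["header or payload is not a JSON object"]
    problems = []
    if header.get("alg") != "RS256":
        problems.append(f"alg is {header.get('alg')!r}, expected 'RS256'")
    for name in ("iss", "sub"):
        if not claims.get(name):
            problems.append(f"claim {name!r} is missing or empty")
    exp = claims.get("exp")
    if not isinstance(exp, int) or isinstance(exp, bool):
        problems.append("claim 'exp' is not an integer number of seconds")
    elif exp <= now:
        problems.append(f"claim 'exp' ({exp}) is not after now ({now})")
    expected_aud = f"https://{ims_host}/c/{api_key}"
    if claims.get("aud") != expected_aud:
        problems.append(f"aud is {claims.get('aud')!r}, expected {expected_aud!r}")
    prefix = f"https://{ims_host}/s/"
    if not any(k.startswith(prefix) and v is True for k, v in claims.items()):
        problems.append(f"no metascope claim {prefix}<name> set to true")
    return problems

def sample_token(claims):
    """Constructed sample: a JWT-shaped string with a dummy signature."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256"}), enc(claims), "c2ln"])
```

Logging the returned list next to each 400 response records what the claims looked like at that moment without writing the signed token or the client secret to the log.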

This topic has been closed for replies.