bad request error when authenticating using https://ims-na1.adobelogin.com:443/ims/exchange/jwt

New Here ,
Sep 02, 2022 Sep 02, 2022

Copy link to clipboard

Copied

Hi,

 

i am observing intermittent error when trying to authenticate before using Document Services APIs.

 

Error we are getting is:

 

"HTTP POST on resource 'https://ims-na1.adobelogin.com:443/ims/exchange/jwt' failed: bad request (400)."

 

payload sent looks similar to:

 

------=_Part_352_233760641.1662146129018
Content-Type: text/plain
Content-Disposition: form-data; name="client_id"

xxxxxxxxxxxxxxx
------=_Part_352_233760641.1662146129018
Content-Type: text/plain
Content-Disposition: form-data; name="client_secret"

xxxxxxxxxxxxxxx
------=_Part_352_233760641.1662146129018
Content-Type: text/plain
Content-Disposition: form-data; name="jwt_token"


xxxxxxxxxxxxxxxxxxxxxxxxx
------=_Part_352_233760641.1662146129018--
 
JWT token is generated using Java class:
 

package io.adobe.solutions;

import static java.lang.Boolean.TRUE;

import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;

import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;

public class IMSClient {

public static String getJWTToken(String orgId, String technicalAccountId, String apiKey,String keyPath,String imsHost, String[] metascopes, int requestedExpirationTime)
throws NoSuchAlgorithmException, InvalidKeySpecException, IOException {
// Expiration time in seconds
Long expirationTime = System.currentTimeMillis() / 1000 + requestedExpirationTime;
// Metascopes associated to key
//String metascopes[] = metascopes;

// # create the certificate and private key using openssl
// $ openssl req -nodes -text -x509 -newkey rsa:2048 -keyout secret.pem -out
// certificate.pem -days 356
//
// Upload the certificate.pem in Adobe IO Console-> Your Integration-> Public
// keys
//
// # convert private key to DER format
// $ openssl pkcs8 -topk8 -inform PEM -outform DER -in secret.pem -nocrypt >
// secret.key

// Secret key as byte array. Secret key file should be in DER encoded format.
byte[] privateKeyFileContent = Files.readAllBytes(Paths.get(keyPath));

// Read the private key
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
KeySpec ks = new PKCS8EncodedKeySpec(privateKeyFileContent);
RSAPrivateKey privateKey = (RSAPrivateKey) keyFactory.generatePrivate(ks);

// Create JWT payload
Map<String, Object> jwtClaims = new HashMap<String, Object>();
jwtClaims.put("iss", orgId);
jwtClaims.put("sub", technicalAccountId);
jwtClaims.put("exp", expirationTime);
jwtClaims.put("aud", "https://" + imsHost + "/c/" + apiKey);
for(String metascope : metascopes) {
jwtClaims.put("https://" + imsHost + "/s/" + metascope, TRUE);
}

SignatureAlgorithm sa = SignatureAlgorithm.RS256;
// Create the final JWT token
String jwtToken = Jwts.builder().setClaims(jwtClaims).signWith(sa, privateKey).compact();

return jwtToken;
}

}

 

As i said, the issue happens from time to time and we are using the same parameters.

 

Any ideas how to fix this?

 

Thanks

TOPICS
Java SDK , PDF Services API , REST APIs

Views

25

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
no replies

Have something to add?

Join the conversation
Resources