Configuring Custom Authentication using JWT Token (Json Web Token)
114 views
Skip to first unread message
Charlotte
Sep 1, 2021, 7:41:52 AM9/1/21
to DSpace Technical Support
Hello, I am trying to integrate Dspace 7 into my web portal but am stuck at the authentication customisation. My web portal uses a JWT Bearer Token for authentication verification and I am not sure if the same JWT bearer token can be used for Dspace.
Is there any guides regarding Dspace custom authentication using JWT bearer Token?
TLDR
Current web portal uses bearer token for authentication but has different claims compared to Dspace
Idea is to Implement custom dspace auth to call dspace from own web portal
Existing token can be validated in the portal ui
Any ideas or suggestions would be helpful
Michael Plate
Sep 1, 2021, 8:21:55 AM9/1/21
to dspac...@googlegroups.com
Hi Charlotte,
Am 01.09.21 um 10:47 schrieb Charlotte:
I had the same idea with an external service, but unfortunately the JWT
is not signed (this is enough for my service, a valid / signed and
unexpired token), so you have to verify it back on "/api/authn/status"
of DSpace - this is theory, I will give it a try in the next weeks, but
I'm keen to know your progress :) .
https://github.com/DSpace/RestContract/blob/main/authentication.md
Since X-mas is nearly there…
Couldn't we have a signed token ?
Couldn't we have OAUTH integration anyway :) ?
CU
Michael
Am 01.09.21 um 10:47 schrieb Charlotte:
> Hello, I am trying to integrate Dspace 7 into my web portal but am stuck
> at the authentication customisation. My web portal uses a JWT Bearer
> Token for authentication verification and I am not sure if the same JWT
> bearer token can be used for Dspace.
> Is there any guides regarding Dspace custom authentication using JWT
> bearer Token?
[…]
> at the authentication customisation. My web portal uses a JWT Bearer
> Token for authentication verification and I am not sure if the same JWT
> bearer token can be used for Dspace.
> Is there any guides regarding Dspace custom authentication using JWT
> bearer Token?
I had the same idea with an external service, but unfortunately the JWT
is not signed (this is enough for my service, a valid / signed and
unexpired token), so you have to verify it back on "/api/authn/status"
of DSpace - this is theory, I will give it a try in the next weeks, but
I'm keen to know your progress :) .
https://github.com/DSpace/RestContract/blob/main/authentication.md
Since X-mas is nearly there…
Couldn't we have a signed token ?
Couldn't we have OAUTH integration anyway :) ?
CU
Michael
Charlotte
Sep 1, 2021, 11:25:29 PM9/1/21
to DSpace Technical Support
Hello Micheal,
I was looking into the existing Dspace Authentication plugins and realised that to have a customisation authentication, we would have to extend the `AuthenticationMethod` here
I saw that link before but I am not sure how I could use that since my portal uses a different type of token with different claims.
This is the current json web token structure used for Dspace.
Since my portal uses b2c OpenID connect to get a bearer token, not sure how to integrate such that Dspace would accept my portal's token.
Charlotte
Sep 1, 2021, 11:33:21 PM9/1/21
to DSpace Technical Support
I am quite unfamiliar with this but currently I have two ideas (But unsure if it would match my usecase)
1. Extend the `AuthenticationMethod` in the backend and implement another way to login without a username and password
1. Extend the `AuthenticationMethod` in the backend and implement another way to login without a username and password
2. Change the current json web token structure accepted by Dspace to match the same token structure as the one done by portal. My web portal would handle the authorisation on its end
Reply all
Reply to author
Forward
0 new messages