Generating JWT Token for APNS Authentication
378 views
Skip to first unread message
Udit Agrawal
Jul 29, 2021, 11:32:11 AM7/29/21
to vert.x
Hi,
I am new to vertx, i am using vertx 3.9.3, i need to generate a JWT token for APNS authentication for iOS push notifications.
Here's what i did so far to generate the token but when i send the request to APNS it says "403 - InvalidProviderToken"....
I am creating the token like this -
private String createJwt() {
Instant now = Instant.now();
JsonObject decoded = new JsonObject()
.put("alg", "ES256")
.put("kid", AUTHKEY_KID)
.put("iss", AUTHKEY_TEAMID)
.put("iat", now.getEpochSecond());
String jwt = oauth2JWTProvider.generateToken(decoded,
new JWTOptions().setAlgorithm("ES256"));
return jwt;
}
Instant now = Instant.now();
JsonObject decoded = new JsonObject()
.put("alg", "ES256")
.put("kid", AUTHKEY_KID)
.put("iss", AUTHKEY_TEAMID)
.put("iat", now.getEpochSecond());
String jwt = oauth2JWTProvider.generateToken(decoded,
new JWTOptions().setAlgorithm("ES256"));
return jwt;
}
I am generating the oauth2JWTProvider like this -
private JWTAuth createOauthProvider() {
PubSecKeyOptions pubSecKeyOptions = new PubSecKeyOptions()
.setAlgorithm("ES256").setSecretKey(*/private key from .p8 extracted as is removing unwanted part in base64*/);
return JWTAuth.create(vertx(), new JWTAuthOptions().addPubSecKey(pubSecKeyOptions));
}
PubSecKeyOptions pubSecKeyOptions = new PubSecKeyOptions()
.setAlgorithm("ES256").setSecretKey(*/private key from .p8 extracted as is removing unwanted part in base64*/);
return JWTAuth.create(vertx(), new JWTAuthOptions().addPubSecKey(pubSecKeyOptions));
}
Please provider any pointers necessary ? Thanks!!
Paulo Lopes
Jul 29, 2021, 2:14:49 PM7/29/21
to vert.x
Hi,
I never uses APNs but from this manual: https://developer.apple.com/documentation/usernotifications/sending_push_notifications_using_command-line_tools
It looks like you're creating the token with the wrong format:
Instant now = Instant.now();
JsonObject decoded = new JsonObject()
.put("alg", "ES256")
JsonObject decoded = new JsonObject()
.put("alg", "ES256")
.put("kid", "${AUTH_KEY_ID}")
.put("iss", "${TEAM_ID}")
.put("iat", now.getEpochSecond());
token = authProvider.generateToken(
decoded,
new JWTOptions()
.setAlgorithm("ES256"));
// {
// "typ": "JWT",
// "alg": "ES256"
// }.{
// "alg": "ES256",
// "kid": "${AUTH_KEY_ID}",
// "iss": "${TEAM_ID}",
// "iat": 1627582196
// }.[Signature]
.put("iss", "${TEAM_ID}")
.put("iat", now.getEpochSecond());
token = authProvider.generateToken(
decoded,
new JWTOptions()
.setAlgorithm("ES256"));
// {
// "typ": "JWT",
// "alg": "ES256"
// }.{
// "alg": "ES256",
// "kid": "${AUTH_KEY_ID}",
// "iss": "${TEAM_ID}",
// "iat": 1627582196
// }.[Signature]
While from that manual I think you want:
JsonObject payload = new JsonObject();
String token = authProvider.generateToken(
payload,
new JWTOptions()
.setIssuer("${TEAM_ID}")
.setAlgorithm("ES256")
.setHeader(new JsonObject().put("kid", "${AUTH_KEY_ID}")));
// {
// "kid": "${AUTH_KEY_ID}",
// "typ": "JWT",
// "alg": "ES256"
// }.{
// "iat": 1627580331,
// "iss": "${TEAM_ID}"
// }.[Signature]
String token = authProvider.generateToken(
payload,
new JWTOptions()
.setIssuer("${TEAM_ID}")
.setAlgorithm("ES256")
.setHeader(new JsonObject().put("kid", "${AUTH_KEY_ID}")));
// {
// "kid": "${AUTH_KEY_ID}",
// "typ": "JWT",
// "alg": "ES256"
// }.{
// "iat": 1627580331,
// "iss": "${TEAM_ID}"
// }.[Signature]
Note that in order to change the default values or the contents of the header, you need to specify the fields in the jwtOptions, not on the claims.
"kid" is a missing property we should add a shortcut instead of needing the header to be provided manually (but that is an API improvement).
Let me know if this works for you!
Cheers,
Paulo
Reply all
Reply to author
Forward
0 new messages