Hyland Community
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

nuxeo-js-client - OAuth 2 JWT Flow authentification - SOLVED

freemann_
Star Contributor
Star Contributor

‎04-04-2019 08:40 AM

Hi people,

I want to use a** JWT token** witch come from a specific API REST server in my angular 7 app to connect to nuxeo server through **nuxeo-js-client ** and OAuth 2 JWT Flow but I don't have an example. There are not a real example on how to implement OAuth 2 JWT Flow.

Nuxeo server side I use nuxeo.jwt.secret in nuxeo.conf to exchange secret between API REST and Nuxeo server to decode the JWT nuxeo side.

Thanks for help

0 Kudos
4 REPLIES 4

Thomas_Roger
Star Contributor
Star Contributor

‎04-04-2019 10:30 AM

Hi,

I'm not sure I correctly understand what you want to achieve, but here are some thoughts:

Assuming you have a JWT token that can be read by the Nuxeo server (same JWT shared secret on the Nuxeo server and the specific API REST server), you need to do the OAuth2 flow with urn:ietf:params:oauth:grant-type:jwt-bearer as grant_type:

POST https://NUXEO_SERVER/nuxeo/oauth2/token?grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer
&client_id=myApp&assertion=JWT_TOKEN

See https://doc.nuxeo.com/nxdoc/using-oauth2/#requesting-an-access-token-with-a-jwt

0 Kudos

freemann_
Star Contributor
Star Contributor

‎04-04-2019 10:46 AM

Hey Thomas Roger, Thanks for your reply. I progress on my angular 7 app and nuxeo-js-client and I want to use JWT for authentication. So how to use OAuth2 flow in nuxeo-js-client ?

var code = ...
Nuxeo.oauth2.fetchAccessToken('http://localhost:8080/nuxeo', 'my-app', code, {
  redirect_uri: 'http://localhost:8000/authorize',
}).then(function(token) {
  // do something with the access token
  var nuxeo = new Nuxeo({
    auth: {
      method: 'bearerToken',
      token: token
    }
  });
});

Where can I use differents attributs like grant_type, assertion, etc.. It seems nuxeo-js-client have not implementation for use OAuth2 flow for requesting an Access Token with a JWT like

var jwtToken = ...
Nuxeo.oauth2.fetchAccessToken('http://localhost:8080/nuxeo', 'my-app', jwtToken).then(function(token) {
// do something with the access token
var nuxeo = new Nuxeo({
auth: {
method: 'bearerToken',
token: token
}
});
});

I Opend an issue to make a little update on nuxeo-js-client : https://github.com/nuxeo/nuxeo-js-client/issues/88

Thanks for help

0 Kudos

freemann_
Star Contributor
Star Contributor

‎04-05-2019 04:17 AM

Hi Thomas Roger,

I tried this code to force jwtToken but in http POST parameters there is not assertion but code, so I get http status 500

if (jwtToken !== null) {
  Nuxeo.oauth2.fetchAccessToken(this.nuxeoUri, this.clienId, jwtToken, {
   grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
   }).then(function(myToken) {
      this.nuxeoClient = new Nuxeo({
              baseURL: this.nuxeoUri,
              apiPath: this.nuxeoApi,
              auth: {
                  method: 'bearerToken',
                  token: myToken,
              },
            // Activation du CORS
            headers: this.defaultHeader,
      });    
    });
}

In http POST parameters :

**code** eyJhbGciOiJIUzI1NiJ9.eyJzdWIi....
grant_type urn:ietf:params:oauth:grant-type:jwt-bearer
client_id Ng2

Thanks

0 Kudos

freemann_
Star Contributor
Star Contributor
In response to freemann_

‎04-05-2019 09:49 AM

Thanks to [Thomas Roger](https

0 Kudos
Getting started

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC
li.common.scroll-to.top