Key Information

Register
Submit
The challenge is finished.

Challenge Overview

Detailed Requirement

In current authentication interceptor, we check the sso cookie, if user is logged in we continue, else we redirect to login page. In this challenge, we need to add validation tcjwt as well, and redirect to login page if jwt is invalid. To do that we need to add the client secret in the config (we already have client id).

Refrence for validating jwt.

https://docs.auth0.com/server-apis/java

And this is how dircect api validates jwt, https://github.com/cloudspokes/direct-api/blob/master/src/main/java/com/topcoder/direct/api/security/SecurityUtil.java#L126

Reference this to get jwt cookie https://github.com/cloudspokes/direct-app/blob/dev/src/java/main/com/topcoder/direct/services/view/action/my/MyCreatedChallengesAction.java#L63, also if no such cookie we redirect to login as well.

VM secret ZEEIRf_aLhvbYymAMTFefoEJ_8y7ELrUaboMTmE5fQoJXEo7sxxyg8IW6gtbyKuT

Code Base

  • https://github.com/cloudspokes/direct-app/tree/jwt-validation

VM Environment

If you need a TopCoder VM to work on this challenge, Please request the VM in the challenge forum.

Information about VM can be found below:

VM specific information is found here: http://www.topcoder.com/wiki/display/docs/VM+Image+2.5 and https://github.com/cloudspokes/direct-app/blob/dev/README.md

If you could not login into Direct on VM, try the following:

1) Update the following to /home/direct/direct token.properties

@ApplicationServer.SERVER_NAME@=cockpit.cloud.topcoder.com
 Rebuild and restart the topcoder Direct

2) Add the following to /home/tc/jboss-4.0.4.GA/server/all/conf/ApplicationServer.properties
JWT_COOKIE_KEY = tcjwt
Restart the jboss under /home/tc

Upon registration as a submitter or reviewer you will need to request a VM based on the new TopCoder Cockpit/Direct image. To request your image, please use the forum. Before requesting your VM, you need to ensure that you have an SSH key created and in your member profile. Instructions to do so are here: http://www.topcoder.com/wiki/display/projects/Generate+SSH+Key, and instructions to connect afterwards are here: http://www.topcoder.com/wiki/display/projects/Connect+Using+SSH+Key.



Final Submission Guidelines

  • All the added / updated files or a patch file that can be applied to git repo 
  • A deployment guide with detailed verification steps.

REVIEW STYLE:

Final Review:

Community Review Board

Approval:

User Sign-Off

SHARE:

ID: 30047417