Challenge Overview
Previously, we built several AWS Lambda functions, which require a userId field to be passed as the current user/operator.
For this challenge, we'd like to revise the logic to pass a tcjwt field containing a JWT token instead of passing a userId field directly in the request.
There will be two versions of the JWT token; you can use jwt.io to view the payload, which
Version 1:
eyJ0eXBlIjoiSldUIiwiYWxnIjoiSFMyNTYifQ.eyJpc3MiOiJodHRwczovL3NtYS5hdXRoMC5jb20iLCJzdWIiOiJhZHwxMzI0NTYiLCJhdWQiOiJDTWFCdXdTblkwVnU2OFBMcldhdHZ2dTNpSWlHUGg3dCIsImV4cCI6MTQ5NzUzMDA5MywiaWF0IjoxNDYxNTMwMDkzfQ.wFJzRiUVY9cUDpuSIXWDShxzALP47NXuVWDSHiwCax0
The payload looks like:
{
  "iss": "https://sma.auth0.com",
  "sub": "ad|132456",
  "aud": "CMaBuwSnY0Vu68PLrWatvvu3iIiGPh7t",
  "exp": 1497530093,
  "iat": 1461530093
}
Version 2:
eyJ0eXBlIjoiSldUIiwiYWxnIjoiSFMyNTYifQ.eyJyb2xlcyI6WyJhZG1pbmlzdHJhdG9yIl0sImlzcyI6Imh0dHBzOi8vYXBpLnRvcGNvZGVyLXZtLmNvbSIsImhhbmRsZSI6ImhlZmZhbiIsImV4cCI6MTQ2MTEwNzg3MSwidXNlcklkIjoiMTMyNDU2IiwiaWF0IjoxNDYxMTA3MjcxLCJlbWFpbCI6ImVtYWlsQGRvbWFpbi5jb20ueiIsImp0aSI6ImM1ZGM4MTYzLTAzYTUtNDhlOS1iYjc2LTBiMTE0MTBkZTAxZiJ9.SauUwbz32Tfh_RlngrjXD2gd_hhaqAlbvoVWY3GLD10
The payload looks like:
{
  "roles": [
    "administrator"
  ],
  "iss": "https://api.topcoder-vm.com",
  "handle": "heffan",
  "exp": 1461107871,
  "userId": "132456",
  "iat": 1461107271,
  "email": "email@domain.com.z",
  "jti": "c5dc8163-03a5-48e9-bb76-0b11410de01f"
}
It is hard to distinguish the two versions, so the logic will be:
1. Try to get the userId field, if present.
2. Otherwise, parse the userId out of the sub field.
Please use https://github.com/auth0/java-jwt to verify the JWT token and extract the userId.
Other logic should remain unchanged.
So basically, you should:
1. Define a BaseRequest class that contains the tcjwt field and the logic to parse out the userId. All other XXXRequest classes should extend it.
2. Update build.gradle to use auth0's java-jwt.
3. Use the userId parsed from the JWT token.
4. Update the deployment guide to include the changes.
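Added example, not part of the original challenge text or the project's code: a BaseRequest that verifies tcjwt with java-jwt before applying the userId-then-sub lookup described above. It assumes the java-jwt 3.x-or-later API, a method name resolveUserId, an HMAC secret read from a hypothetical TCJWT_SECRET environment variable, and that sub has the form prefix|id with a numeric id, as in the sample payloads.

```java
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTVerificationException;
import com.auth0.jwt.interfaces.DecodedJWT;
import java.nio.charset.StandardCharsets;

// Base class for every XXXRequest: carries the token, never a caller-supplied userId.
public class BaseRequest {
    private String tcjwt;

    public String getTcjwt() { return tcjwt; }
    public void setTcjwt(String tcjwt) { this.tcjwt = tcjwt; }

    // Verifies the signature (and exp, which java-jwt checks by default)
    // before any claim is read, then resolves the user id.
    public String resolveUserId(String secret) {
        if (tcjwt == null || secret == null) {
            throw new IllegalArgumentException("tcjwt and secret are required");
        }
        DecodedJWT jwt;
        try {
            // Pinning HMAC256 rejects tokens whose header names any other alg.
            Algorithm alg = Algorithm.HMAC256(secret.getBytes(StandardCharsets.UTF_8));
            jwt = JWT.require(alg).build().verify(tcjwt);
        } catch (JWTVerificationException e) {
            throw new IllegalArgumentException("tcjwt failed verification", e);
        }
        // Version 2 tokens carry an explicit userId claim.
        String userId = jwt.getClaim("userId").asString();
        if (userId == null || userId.isEmpty()) {
            // Version 1 tokens: sub looks like "ad|132456"; keep what follows the last '|'.
            String sub = jwt.getSubject();
            if (sub == null) throw new IllegalArgumentException("no userId or sub claim");
            userId = sub.substring(sub.lastIndexOf('|') + 1);
        }
        // Assumption: ids are numeric, as in both sample payloads.
        if (!userId.matches("\\d+")) {
            throw new IllegalArgumentException("unexpected userId format");
        }
        return userId;
    }

    public static void main(String[] args) {
        // TCJWT_SECRET is a hypothetical variable name; args[0] is the token.
        BaseRequest req = new BaseRequest();
        req.setTcjwt(args[0]);
        System.out.println(req.resolveUserId(System.getenv("TCJWT_SECRET")));
    }
}
```

Both sample tokens above carry exp values in the past, so the default expiry check rejects them even with the correct secret; test with a freshly issued token.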