Service Authentication

How to make authenticated rest calls between oe-cloud based services

In order to make an authinticated rest call between oe-cloud services we use the ‘oe-jwt-generator’ package in order to generate jwt tokens that will allow authentication.

Example code:

var request = require('request');
var jwtGenerator = require('oe-jwt-generator');
var server = require('server/server');

var claims = [};
jwtGenerator(claims, server.app, (err, token) => {
	var requestOptions = {
  		url: 'oecloud.com', 
  		method: 'GET', 
  		headers: {'x-jwt-assertion': token}
	}
	request(requestOptions, (err, response, body) => {}
});

Use the oe-jwt-generator to generate a token and pass it on the ‘x-jwt-assertion’ header.

jwtGenerator arguments (by order):

claims: object contains user data to pass on the jwt

app: the oe-cloud app instance (used to get the service name)

callback: function which recives error and token arguments.

Setting up jwt secrets

oe-cloud service are configured with a default secret out of the box, it is strongly recommended to configure your own secret or keys.

jwt secrets are configured through the following environment variables:

SECRET_OR_PUBLIC_KEY - public ssl key or shared secret

SECRET_OR_KEY - private ssl key or shared secret

When using secret make sure it is the same for both variables.

When using private and public keys configure according to variables name.

Table of contents: