Description
The Java SDK Auth library is an extension to the Java SDK library which adds additional authorization options for communicating with the Gigya servers.
Required Dependencies
The Java SDK Auth library is not a stand-alone library and requires the latest Java SDK (v3.2.3 or above) in order to be compiled alongside it.
Dependencies
Java JWT: JSON Web Token for Java
Gradle Implementation
compile 'io.jsonwebtoken:jjwt-api:0.10.7' runtime 'io.jsonwebtoken:jjwt-impl:0.10.7', 'io.jsonwebtoken:jjwt-jackson:0.10.7'
Maven Implementation
<dependency> <groupId>io.jsonwebtoken</groupId> <artifactId>jjwt-api</artifactId> <version>0.10.7</version> </dependency> <dependency> <groupId>io.jsonwebtoken</groupId> <artifactId>jjwt-impl</artifactId> <version>0.10.7</version> <scope>runtime</scope> </dependency> <dependency> <groupId>io.jsonwebtoken</groupId> <artifactId>jjwt-jackson</artifactId> <version>0.10.7</version> <scope>runtime</scope> </dependency>
If Maven or Gradle are not used, add the following references:
jackson-annotations-2.9.0.jar jackson-core-2.9.9.jar jackson-databind-2.9.9.1.jar
Usage
Authenticating using the GSAuthRequest class
An exmaple of using the GSAuthRequest class to retrieve user data.
final GSAuthRequest request = new GSAuthRequest(USER_KEY, PRIVATE_KEY, API_KEY, "accounts.getAccountInfo"); request.setParam("UID", USER_UID); final GSResponse response = request.send(); if (response.getErrorCode() == 0) { // Success. } else { // Fail. }
Verify an ID Token
You are able to verify the signature of a provided JWT id_token using your JWK public key.
Cache the public key using:
GSAuthRequestUtils.addToPublicKeyCache(DATA_CENTER, JWK_PUBLIC_KEY)
Once the public key for the specific data center is available to the SDK, you will be able to verify a token signature using:
final boolean verified = GSAuthRequestUtils.validateSignature(id_token, API_KEY, API_DOMAIN);
Additional Information
Java Authentication Library Reference