Jython JWT library to verify ID Token signature in custom Person Authentication Script

By: Akhil Mandepudi named 06 May 2022 at 5:43 a.m. CDT

3 Responses
Akhil Mandepudi gravatar
Hi, We need to verify the signature of external JWT ID Tokens during Authentication in gluu. After successful verification, we need to generate gluu tokens by inserting custom claims with data obtained from the verified external ID token. The [documentation](https://gluu.org/docs/gluu-server/4.0/admin-guide/custom-script/) mentions that we need to use Jython libraries compatible with Python 2. However, we are unable to find such a library online. All libraries either need Python 3 or they are through CPython. Please point us to a native gluu / 3rd party jython library we can use. Also please provide us with any sample scripts that can help us in development. Thank you.
Gluu 4.3 Ubuntu 20.04
closed

Answers

By Mohib Zico Account Admin 06 May 2022 at 9:01 a.m. CDT

Copy
Mohib Zico gravatar
Hi Akhil, For which customer you are working on this customization?

By Akhil Mandepudi named 06 May 2022 at 9:08 a.m. CDT

Copy
Akhil Mandepudi gravatar
Hi, The ID token will be from an OpenID compatible identity provider and the public keys to verify the signature will be accessible to the gluu server from it's discovery endpoint. .well-known/openid-configuration "jwks_uri" Thanks.

By Michael Schwartz Account Admin 06 May 2022 at 9:59 a.m. CDT

Copy
Michael Schwartz gravatar
This is for one of the leads we have in the pipeline. This has to be done in Java. Luckily, Jython allows you to import either Python or Java libraries. There are tons of examples of how to use Java cryptographic libraries on the Internet. This is out of scope of the kind of support we provide.

Post an answer