Add some logging statements to your code... either your basic authenticator isn't getting called (because the request included no credentials) or authentication was unsuccessful.

There is no standard for deciding how to issue a JWT/JWS--you could frontend it with OAuth, SSL client certificate authentication, or something else. JWT is most helpful for claims-based authentication between two different systems, where one might also consider using SAML or WS-Fed, but you don't want to deal with a dauntingly complex spec.

As-is your code doesn't have anything in particular to do with JWT. jose4j is a good library for that... it's not as complex as SAML but it still requires a good knowledge of JSON, message digests, etc.

I wouldn't suggest tying a Principal type to JWT, cookies, or any other implementation details. The authenticator should take care of those details without dirtying the relying software modules. Try to avoid using cookies for JWT; it really belongs in an Authorization header.

On Thursday, November 2, 2017 at 1:26:29 PM UTC-4, [email protected] wrote:
> I am new to JSON Web tokens but from what I've researched online, the
> standard is to create an API endpoint that uses basic auth
> (username/password) which returns a JWT.
>
> That JWT is then persisted by the client and used elsewhere by other
> endpoints for authentication.
>
> Using this library I've tried to set it up on my service but it won't let
> me fetch a token
> https://github.com/dhatim/dropwizard-jwt-cookie-authentication
>
> Here is my code so far:
>
> *Principal*
>
>     public class ShepherdAuth implements JwtCookiePrincipal {
>
>         private String name;
>         private Set<String> roles;
>
>         public ShepherdAuth(String name, Set<String> roles) {
>             this.name = checkNotNull(name, "User name is required");
>             this.roles = checkNotNull(roles, "Roles are required");
>         }
>
>         @Override
>         public boolean isPersistent() {
>             return false;
>         }
>
>         @Override
>         public boolean isInRole(final String s) {
>             return false;
>         }
>
>         @Override
>         public String getName() {
>             return this.name;
>         }
>
>         @Override
>         public boolean implies(Subject subject) {
>             return false;
>         }
>
>         public Set<String> getRoles() {
>             return roles;
>         }
>     }
>
> *Authenticator*
>
>     public class ShepherdAuthenticator implements Authenticator<BasicCredentials, ShepherdAuth> {
>
>         private static final Map<String, Set<String>> VALID_USERS = ImmutableMap.of(
>             "guest", ImmutableSet.of(),
>             "shepherd", ImmutableSet.of("SHEPHERD"),
>             "admin", ImmutableSet.of("ADMIN", "SHEPHERD")
>         );
>
>         @Override
>         public Optional<ShepherdAuth> authenticate(BasicCredentials credentials) throws AuthenticationException {
>             if (VALID_USERS.containsKey(credentials.getUsername())
>                     && "password".equals(credentials.getPassword())) {
>                 return Optional.of(new ShepherdAuth(credentials.getUsername(),
>                     VALID_USERS.get(credentials.getUsername())));
>             }
>             return Optional.empty();
>         }
>     }
>
> *Resource / Controller*
>
>     @Api
>     @Path("/shepherd")
>     @Produces(MediaType.APPLICATION_JSON)
>     public class ShepherdController implements ShepherdApi {
>
>         public ShepherdController() {
>         }
>
>         @PermitAll
>         @GET
>         @Path("/token")
>         public ShepherdAuth auth(@Auth final BasicCredentials user) {
>             return new ShepherdAuth(user.getUsername(),
>                 ImmutableSet.of("SHEPHERD"));
>         }
>
> *App*
>
>     @Override
>     public void initialize(final Bootstrap<ShepherdServiceConfiguration> bootstrap) {
>
>         bootstrap.addBundle(JwtCookieAuthBundle.getDefault());
>
>         bootstrap.addBundle(new SwaggerBundle<ShepherdServiceConfiguration>() {
>             @Override
>             protected SwaggerBundleConfiguration getSwaggerBundleConfiguration(ShepherdServiceConfiguration configuration) {
>                 return configuration.swaggerBundleConfiguration;
>             }
>         });
>     }
>
>     @Override
>     public void run(final ShepherdServiceConfiguration configuration,
>                     final Environment environment) {
>
>         final ShepherdController shepherdController = new ShepherdController();
>
>         // app authentication
>         environment.jersey()
>             .register(new AuthDynamicFeature(new BasicCredentialAuthFilter.Builder<ShepherdAuth>()
>                 .setAuthenticator(new ShepherdAuthenticator())
>                 .setAuthorizer(new ShepherdAuthorizer())
>                 .setRealm(configuration.getName())
>                 .buildAuthFilter()));
>         environment.jersey().register(RolesAllowedDynamicFeature.class);
>         environment.jersey().register(new AuthValueFactoryProvider.Binder<>(ShepherdAuth.class));
>     }
>
> When I try to make a request to the endpoint, I immediately get a *HTTP
> 401* with the message
>
>> Credentials are required to access this resource.
>
> The examples online for the docs, only detail Basic or Oauth2.
>
> Any help is appreciated for me to solve this.
>
> Thanks
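
The reply's advice (a JWT sent in the Authorization header and verified inside the authenticator with jose4j, with a plain Principal handed to the rest of the application), as an added example that is not part of the original thread or of any project named in it. The class name JwtAuthenticator and the issuer and audience strings are hypothetical; it assumes jose4j 0.7.0 or later (for ConstraintType.PERMIT), that issue() is called from the Basic-auth protected /token resource, and that the class is registered through Dropwizard's OAuthCredentialAuthFilter with the prefix "Bearer" so that authenticate() receives the raw token string.

```java
import java.security.Key;
import java.util.*;
import io.dropwizard.auth.*;
import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
import org.jose4j.jws.*;
import org.jose4j.jwt.*;
import org.jose4j.jwt.consumer.*;
import org.jose4j.lang.JoseException;

/** Added example (hypothetical class): issues HS256 tokens and authenticates a bearer token. */
public class JwtAuthenticator implements Authenticator<String, PrincipalImpl> {
    private static final String ISSUER = "shepherd-service";  // assumed value
    private static final String AUDIENCE = "shepherd-api";    // assumed value
    private final Key key;
    private final JwtConsumer consumer;
    // key: e.g. new org.jose4j.keys.HmacKey(secret) with a random secret of at least 32 bytes
    public JwtAuthenticator(Key key) {
        this.key = key;
        this.consumer = new JwtConsumerBuilder()
            // pin the algorithm so a token cannot select a different one via its header
            .setJwsAlgorithmConstraints(ConstraintType.PERMIT, AlgorithmIdentifiers.HMAC_SHA256)
            .setVerificationKey(key)
            .setExpectedIssuer(ISSUER)
            .setExpectedAudience(AUDIENCE)
            .setRequireExpirationTime()
            .setRequireSubject()
            .build();
    }
    public String issue(String username, List<String> roles) throws JoseException {
        JwtClaims claims = new JwtClaims();
        claims.setIssuer(ISSUER);
        claims.setAudience(AUDIENCE);
        claims.setSubject(username);
        claims.setStringListClaim("roles", roles);  // readable later with getStringListClaimValue
        claims.setExpirationTimeMinutesInTheFuture(15);  // short-lived token
        JsonWebSignature jws = new JsonWebSignature();
        jws.setPayload(claims.toJson());
        jws.setKey(key);
        jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.HMAC_SHA256);
        return jws.getCompactSerialization();
    }

    @Override
    public Optional<PrincipalImpl> authenticate(String token) {
        try {
            // verifies signature, expiry, issuer and audience before any claim is trusted
            return Optional.of(new PrincipalImpl(consumer.processToClaims(token).getSubject()));
        } catch (InvalidJwtException | MalformedClaimException e) {
            return Optional.empty();  // Dropwizard answers 401 for an empty result
        }
    }
}
```

Resources that take the principal through @Auth see only a java.security.Principal; nothing JWT-specific leaks past the authenticator.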
