This repository contains a sample backend code that demonstrates how to generate a Virgil JWT using the Java/Android SDK
Do not use this authentication in production. Requests to a /virgil-jwt endpoint must be allowed for authenticated users. Use your application authorization strategy.
- Java Development Kit (JDK) 8+
For IntelliJ IDEA Ultimate run:
- IntelliJ IDEA Ultimate 2018.3.3+
If you have Community version of IDEA - go to
Building a Jarsection.
For building a jar:
- Maven 3+
- git clone https://github.com/VirgilSecurity/demo-nexmo-chat-backend-java
- Open IntelliJ IDEA -> File -> New -> Project from Existing Sources, locate
demo-nexmo-chat-backend-javaand clickopen - Select
Import project from external model->Maven, gonexttillPlease select project SDKpage - Select in list of available JDKs
1.8.xxxversion or greater. If you haven't JDK of1.8.xxxversion install it.Finishsetup. - Fill in your credentials into the
demo-nexmo-chat-backend-java/src/main/resources/application.propertiesfile. - Run application
If server started successfully you will see in the end of logs:
: Tomcat started on port(s): 3000 (http)
: Started ServerApplication
If you get error
Error:java: javacTask: source release 8 requires target release 1.8go to IntelliJ IDEA -> Preferences -> Build, Execution, Deployment -> Compiler -> Java Compiler and select8inProject bytecode versionfield.
If you don't have an account yet, sign up for one using your e-mail.
- Create new E2EEv5 application;
- Create new API Key and copy given private key;
To generate a JWT the following values are required from the steps above:
| Variable Name | Description |
|---|---|
| virgil.app.id | ID of your Virgil Application. |
| virgil.app.private_key | Private key of your APP key that is used to sign the JWTs. |
| virgil.app.key_id | ID of your APP key. A unique string value that identifies your account in the Virgil Cloud. |
- Replace credentials in
application.propertieswith yours.
- Register on https://developer.nexmo.com/
- Create Nexmo Application and remember your generated
private.keypath - Replace the <YOUR_APP_ID> in
application.propertieswith yourapp idfrom the created app above:
Application created: aaaaaaaa-bbbb-cccc-dddd-0123456789ab- Rename your Nexmo
private.keytovirgilnexmodemo_private.key - Put it near
application.propertiesfile to the resourses folder
Possibly, you want to build a Jar to deploy it on a remote server (e.g. Now, Heroku).
Clone the repository from GitHub.
$ git clone https://github.com/VirgilSecurity/e3kit-kotlin.git
$ mvn clean package -DskipTests
JAR file will be build in target directory.
Run this command from the project's root folder:
$ java -jar target/server.jar
Now, use your client code to make a request to get a JWT from the sample backend that is working on http://localhost:3000.
You can verify the server with a command:
$ curl -X POST -H "Content-Type: application/json" \
-d '{"identity":"my_identity"}' \
http://localhost:3000/authenticateThe response should looks like:
{"authToken":"my_identity-b5ba1680-4d5c-4b2e-9890-a0500d3c9bfe"}This endpoint is an example of users authentication. It takes user identity and responds with unique token.
POST https://localhost:3000/authenticate HTTP/1.1
Content-type: application/json;
{
"identity": "string"
}
Response:
{
"authToken": "string"
}This endpoint checks whether a user is authorized by an authorization header. It takes user's authToken, finds related user identity and generates a virgilToken (which is JSON Web Token) with this identity in a payload. Use this token to make authorized api calls to Virgil Cloud.
GET https://localhost:3000/virgil-jwt HTTP/1.1
Content-type: application/json;
Authorization: Bearer <authToken>
Response:
{
"virgilToken": "string"
}This endpoint checks whether a user is authorized by an authorization header. It takes user's authToken, finds related user identity and generates a nexmoToken (which is JSON Web Token) with this identity in a payload. Use this token to make authorized api calls to Nexmo services.
Current implementation provides only
/v1/sessions/**and/v1/conversations/**ACLs (It's enough for text chat). You can modify this server to suit your needs for example passing ACLs as a query parameters to GET request and then add requested ACLs to you JWT.
GET https://localhost:3000/virgil-jwt HTTP/1.1
Content-type: application/json;
Authorization: Bearer <authToken>
Response:
{
"nexmoToken": "string"
}This endpoint checks whether a user is authorized by an authorization header. It creates a user on the Nexmo service and returns user's id and reference.
POST https://localhost:3000/authenticate HTTP/1.1
Content-type: application/json;
Authorization: Bearer <authToken>
{
"name": "string",
"display_name": "string"
}
Response:
{
"id": "string",
"href": "string"
}To generate JWT, you need to use the JwtGenerator class from the SDK.
public JwtGenerator jwtGenerator() throws CryptoException {
VirgilCrypto crypto = new VirgilCrypto();
PrivateKey privateKey = crypto.importPrivateKey(ConvertionUtils.base64ToBytes(this.appKey));
AccessTokenSigner accessTokenSigner = new VirgilAccessTokenSigner();
JwtGenerator jwtGenerator = new JwtGenerator(appId, privateKey, appKeyIdentifier,
TimeSpan.fromTime(1, TimeUnit.HOURS), accessTokenSigner);
return jwtGenerator;
}Then you need to provide an HTTP endpoint which will return the JWT with the user's identity as a JSON.
For more details take a look at the AuthenticationService.java file.
This library is released under the 3-clause BSD License.
Our developer support team is here to help you. Find out more information on our Help Center.
You can find us on Twitter or send us email [email protected].
Also, get extra help from our support team on Slack.