Try the fastest and simplest way to install ONLYOFFICE

JWT Token Issues

JWT Token Issues

Postby dmkash » Sun Apr 09, 2017 7:01 pm

I am using the Document Server Integration edition with the Docker image. I have configured it to use JWT as described at http://api.teamlab.info/editors/signature/

Here is the server configuration for the tokens:

Code: Select all
"secret": {
  "inbox": {
    "string": "32ff9d10-fd1a-0134-3693-3c764e1010e2",
    "file": "",
    "tenants": {}
  },
  "outbox": {
    "string": "secret",
    "file": ""
  },
  "session": {
    "string": "secret",
    "file": ""
  }
},
"token": {
  "enable": {
    "browser": true,
    "request": {
"inbox": true,
"outbox": true
    }
  },
  "inbox": {
    "header": "Authorization",
    "prefix": "Bearer "
  },
  "outbox": {
    "header": "Authorization",
    "prefix": "Bearer ",
    "algorithm": "HS256",
    "expires": "5m"
  },
  "session": {
    "algorithm": "HS256",
    "expires": "10m"
  }
},


Here is the Javascript configuration I'm using as the payload:

Code: Select all
{
  "document": {
    "title": "Word Doc with Times Roman",
    "url": "https://black-shark.within3.rs/advisory_board/onlyoffice/3/29",
    "fileType": "docx",
    "key": "document_3_29",
    "info": {
      "author": "Within3",
      "created": "2017-03-03 17:44:45 -0500"
    },
    "permissions": {
      "edit": false,
      "download": false,
      "print": false,
      "review": true
    }
  },
  "editorConfig": {
    "mode": "edit",
    "lang": "en",
    "callbackUrl": "https://black-shark.within3.rs/advisory_board/onlyoffice/3/29",
    "user": {
      "id": 2,
      "name": "Matthew James Berman"
    },
    "customization": {
      "about": true,
      "chat": false,
      "comments": false,
      "compactToolbar": true,
      "customer": {
        "address": "14701 Detroit Ave., Suite 600, Lakewood, OH",
        "info": "Within3 is the leading software communications company for life science and healthcare organizations. Our online discussion platform allows organizations to compliantly engage physicians, nurses, payers, and patients in groups large or small. When engagement matters, companies choose Within3.",
        "logo": "https://www.within3.com/App_Themes/within3/images/within3-logo@2x.png",
        "mail": "dkashubeck@within3.com",
        "name": "Within3",
        "www": "www.within3.com"
      },
      "feedback": false,
      "goback": false,
      "zoom": -2
    }
  }
}


Here is the JWT that is generated:

Code: Select all
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkb2N1bWVudCI6eyJ0aXRsZSI6IldvcmQgRG9jIHdpdGggVGltZXMgUm9tYW4iLCJ1cmwiOiJodHRwczovL2JsYWNrLXNoYXJrLndpdGhpbjMucnMvYWR2aXNvcnlfYm9hcmQvb25seW9mZmljZS8zLzI5IiwiZmlsZVR5cGUiOiJkb2N4Iiwia2V5IjoiZG9jdW1lbnRfM18yOSIsImluZm8iOnsiYXV0aG9yIjoiV2l0aGluMyIsImNyZWF0ZWQiOiIyMDE3LTAzLTAzIDE3OjQ0OjQ1IC0wNTAwIn0sInBlcm1pc3Npb25zIjp7ImVkaXQiOmZhbHNlLCJkb3dubG9hZCI6ZmFsc2UsInByaW50IjpmYWxzZSwicmV2aWV3Ijp0cnVlfX0sImVkaXRvckNvbmZpZyI6eyJtb2RlIjoiZWRpdCIsImxhbmciOiJlbiIsImNhbGxiYWNrVXJsIjoiaHR0cHM6Ly9ibGFjay1zaGFyay53aXRoaW4zLnJzL2Fkdmlzb3J5X2JvYXJkL29ubHlvZmZpY2UvMy8yOSIsInVzZXIiOnsiaWQiOjIsIm5hbWUiOiJNYXR0aGV3IEphbWVzIEJlcm1hbiJ9LCJjdXN0b21pemF0aW9uIjp7ImFib3V0Ijp0cnVlLCJjaGF0IjpmYWxzZSwiY29tbWVudHMiOmZhbHNlLCJjb21wYWN0VG9vbGJhciI6dHJ1ZSwiY3VzdG9tZXIiOnsiYWRkcmVzcyI6IjE0NzAxIERldHJvaXQgQXZlLiwgU3VpdGUgNjAwLCBMYWtld29vZCwgT0giLCJpbmZvIjoiV2l0aGluMyBpcyB0aGUgbGVhZGluZyBzb2Z0d2FyZSBjb21tdW5pY2F0aW9ucyBjb21wYW55IGZvciBsaWZlIHNjaWVuY2UgYW5kIGhlYWx0aGNhcmUgb3JnYW5pemF0aW9ucy4gT3VyIG9ubGluZSBkaXNjdXNzaW9uIHBsYXRmb3JtIGFsbG93cyBvcmdhbml6YXRpb25zIHRvIGNvbXBsaWFudGx5IGVuZ2FnZSBwaHlzaWNpYW5zLCBudXJzZXMsIHBheWVycywgYW5kIHBhdGllbnRzIGluIGdyb3VwcyBsYXJnZSBvciBzbWFsbC4gV2hlbiBlbmdhZ2VtZW50IG1hdHRlcnMsIGNvbXBhbmllcyBjaG9vc2UgV2l0aGluMy4iLCJsb2dvIjoiaHR0cHM6Ly93d3cud2l0aGluMy5jb20vQXBwX1RoZW1lcy93aXRoaW4zL2ltYWdlcy93aXRoaW4zLWxvZ29AMngucG5nIiwibWFpbCI6ImRrYXNodWJlY2tAd2l0aGluMy5jb20iLCJuYW1lIjoiV2l0aGluMyIsInd3dyI6Ind3dy53aXRoaW4zLmNvbSJ9LCJmZWVkYmFjayI6ZmFsc2UsImdvYmFjayI6ZmFsc2UsInpvb20iOi0yfX19.9Gz3iXXIb1fUX5rE5LH3v6MVa4qmyhYArnqC_Q8Uteo=


Here is error I'm seeing in docservice/out.log:
Code: Select all
==> docservice/out.log <==
[2017-04-09 18:55:41.559] [WARN] nodeJS - checkJwt error: docId = document_3_29 name = JsonWebTokenError message = invalid token token = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkb2N1bWVudCI6eyJ0aXRsZSI6IldvcmQgRG9jIHdpdGggVGltZXMgUm9tYW4iLCJ1cmwiOiJodHRwczovL2JsYWNrLXNoYXJrLndpdGhpbjMucnMvYWR2aXNvcnlfYm9hcmQvb25seW9mZmljZS8zLzI5IiwiZmlsZVR5cGUiOiJkb2N4Iiwia2V5IjoiZG9jdW1lbnRfM18yOSIsImluZm8iOnsiYXV0aG9yIjoiV2l0aGluMyIsImNyZWF0ZWQiOiIyMDE3LTAzLTAzIDE3OjQ0OjQ1IC0wNTAwIn0sInBlcm1pc3Npb25zIjp7ImVkaXQiOmZhbHNlLCJkb3dubG9hZCI6ZmFsc2UsInByaW50IjpmYWxzZSwicmV2aWV3Ijp0cnVlfX0sImVkaXRvckNvbmZpZyI6eyJtb2RlIjoiZWRpdCIsImxhbmciOiJlbiIsImNhbGxiYWNrVXJsIjoiaHR0cHM6Ly9ibGFjay1zaGFyay53aXRoaW4zLnJzL2Fkdmlzb3J5X2JvYXJkL29ubHlvZmZpY2UvMy8yOSIsInVzZXIiOnsiaWQiOjIsIm5hbWUiOiJNYXR0aGV3IEphbWVzIEJlcm1hbiJ9LCJjdXN0b21pemF0aW9uIjp7ImFib3V0Ijp0cnVlLCJjaGF0IjpmYWxzZSwiY29tbWVudHMiOmZhbHNlLCJjb21wYWN0VG9vbGJhciI6dHJ1ZSwiY3VzdG9tZXIiOnsiYWRkcmVzcyI6IjE0NzAxIERldHJvaXQgQXZlLiwgU3VpdGUgNjAwLCBMYWtld29vZCwgT0giLCJpbmZvIjoiV2l0aGluMyBpcyB0aGUgbGVhZGluZyBzb2Z0d2FyZSBjb21tdW5pY2F0aW9ucyBjb21wYW55IGZvciBsaWZlIHNjaWVuY2UgYW5kIGhlYWx0aGNhcmUgb3JnYW5pemF0aW9ucy4gT3VyIG9ubGluZSBkaXNjdXNzaW9uIHBsYXRmb3JtIGFsbG93cyBvcmdhbml6YXRpb25zIHRvIGNvbXBsaWFudGx5IGVuZ2FnZSBwaHlzaWNpYW5zLCBudXJzZXMsIHBheWVycywgYW5kIHBhdGllbnRzIGluIGdyb3VwcyBsYXJnZSBvciBzbWFsbC4gV2hlbiBlbmdhZ2VtZW50IG1hdHRlcnMsIGNvbXBhbmllcyBjaG9vc2UgV2l0aGluMy4iLCJsb2dvIjoiaHR0cHM6Ly93d3cud2l0aGluMy5jb20vQXBwX1RoZW1lcy93aXRoaW4zL2ltYWdlcy93aXRoaW4zLWxvZ29AMngucG5nIiwibWFpbCI6ImRrYXNodWJlY2tAd2l0aGluMy5jb20iLCJuYW1lIjoiV2l0aGluMyIsInd3dyI6Ind3dy53aXRoaW4zLmNvbSJ9LCJmZWVkYmFjayI6ZmFsc2UsImdvYmFjayI6ZmFsc2UsInpvb20iOi0yfX19.9Gz3iXXIb1fUX5rE5LH3v6MVa4qmyhYArnqC_Q8Uteo=


The token signature verifies on https://jwt.io/#debugger successfully. Why doesn't the document server accept the generated token?
dmkash
 
Posts: 6
Joined: Thu Apr 06, 2017 3:25 pm

Re: JWT Token Issues

Postby Maxim » Tue Apr 11, 2017 6:05 am

Hello dmkash!
There is a problem with symbol "=". For example you can see here and here. Please specify what a framework do you use for jwt?
Maxim
 
Posts: 1077
Joined: Tue Oct 11, 2016 2:34 pm

Re: JWT Token Issues

Postby dmkash » Tue Apr 11, 2017 10:02 am

Thanks for the response! Our product is Ruby on Rails and I'm using OpenSSL::HMAC to create the signature, then the built-in Base64 module to create the signature. I removed the "=" padding from the end of the signature and it works. Thank you!
dmkash
 
Posts: 6
Joined: Thu Apr 06, 2017 3:25 pm

Re: JWT Token Issues

Postby Maxim » Tue Apr 11, 2017 11:13 am

It's good to hear it! I hope you enjoy our product!
Maxim
 
Posts: 1077
Joined: Tue Oct 11, 2016 2:34 pm


Return to Miscellaneous

Who is online

Users browsing this forum: No registered users and 2 guests

cron