OAuth Functions

This section describes functions that relates to OAuth operations.

The following functions for OAuth described here are:

validateJwt

Validates an incoming OAuth JWT.

string validateJwt( 
string openIdServer, 
string token, 
map <string, any> claimsToValidate, //Optional
string algorithm //Optional)

Parameters

ParameterDescription
openIdServerThis is the URL for the JWKS server.
tokenThis refers to the JWT (Json Web Token) that needs to be validated.
claimsToValidateAn optional map field to declare the claims as well as the corresponding value to validate against the token.
algorithmAn optional field to verify the signing algorithm used by the token. The possible values could be RSA256, RSA384, RSA512, ECDSA256, ECDSA384, ECDSA512. By default, the APL function uses RSA256.
ReturnsAn error message on validation failure. Null on validation success.

Example

Example of the validateJwt function with optional values for claims and algorithm populated.
string token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Im5PbzNaRHJPRFhFSzFqS1doWHNsSFJfS1hFZyIsImtpZCI6Im5Pbz";
map<string, any> claimsToValidate = mapCreate(string, any);
mapSet(claimsToValidate, "appidacr", "2");
mapSet(claimsToValidate, "aud", "ae47e8fd-b2be-4626-a7b5-19d28961ba1e");
string error_message = JwtValidation.validateJwt("https://10.60.10.30/endpoint", token, claimsToValidate, "RSA512");