B2B Integration

 View Only
Expand all | Collapse all

JWT support for Sterling B2Bi 6.0.X

  • 1.  JWT support for Sterling B2Bi 6.0.X

    Posted Thu June 03, 2021 01:44 AM
    Hello All,

    Hope you all are safe and healthy.

    We got a new requirement where in our REST API Calls trigerred frm B2Bi currently we are doing basic auth but now they want us to send basic auth to one endpoint, it will generate JWT token and send us back and then using that JWT token, we need to call the actual endpoint .

    Is this something feasible in Sterling B2Bi 6.0.X or not supported ? We use B2B Integrator and not File gateway.


    ------------------------------
    Pranjit Biswas
    ------------------------------

    #SupplyChain
    #B2BIntegration


  • 2.  RE: JWT support for Sterling B2Bi 6.0.X

    Posted Thu June 03, 2021 08:40 AM
    Edited by System Wed March 22, 2023 11:51 AM
    Hi Pranjit,

    Hope you doing good too.

    Unfortunately this requirement is not supported in B2Bi 6.0.x  and HTTP Client Adapter allow for only basic authentication.

    Here are few RFE's with same requirement and are marked as Planned for future release.

    https://watsonsupplychain.ideas.aha.io/ideas/B2BI-I-897
    https://watsonsupplychain.ideas.aha.io/ideas/B2BI-I-880

    ------------------------------
    Girish Venkatesh
    ------------------------------

    Original Message


  • 3.  RE: JWT support for Sterling B2Bi 6.0.X

    Posted Fri June 04, 2021 05:34 AM
    Hi @Pranjit Biswas,

    I think this will help.
    I have a similiar solution in a production environment.

    <!--

Process-Name:    HTTP_JWT

Description:     HTTP Request with JWT

Created By:      Clayton Snyman 

Changes: 
========
Date       | Owner               | Description 
===========|=====================|==============================================================================
04/06/2021 | Clayton Snyman      | v1.0-00 - Intial version 

Notes: 
=====

-->
<process name="HTTP_JWT">

    <sequence name="Main">

        <!-- Retrieve token 
            Get JWT from a custom properties file or DB.
            Using assign in example.
         -->
        <assign to="JWT/@token" 
                from="'eyJ0eXBlIjoiSldUIiwiYWxnIjoiUlMyNTYifQ.eyJjdXN0b21lcklkIjoiQ3VzdG9tZXIiLCJleHAiOjE2MjUzODk3NjQsInVzZXJJZCI6IlVzZXIiLCJjdXN0b21lclVzZXJLZXkiOiIwMTIzNDU2Nzg5In0.YyflntcVdHKGH1d_1Hxrcd5AHKuEUmI9IDJ6QFPEaX6bWsuxqbs69C5W7A57ikGQIe3Xq3GeiHGPFivQnt92yM9npIOW_ApsCIcrFtovOLlURXabhhnm-inY5E4xR2_BbY7uF3S1sm3bFK0nL_qEIZwpNGS8vrrihGamBZgwsyakGySMKsqIyyIwAxn6iVHEbqpBrFoTqVgtSWHQ-kShTU-ANrHajw5LrGUMm1cCRPdTny576dO4nmJ8VfKwO8OEXvnjmZavTCiVPbu9SZds9oHqo8oiB_Y_KAFJmG_wEir0XkX3zapGD5DYaI--Ho-0eItTKAdOGGURY_mMC2MVEw'"/>

        <!-- DocInfo Service
            Set PrimDoc to required Document Content and Sub-Content type
            Get DocumentId that will be used to build MIME Message
         -->
        <operation name="Set Content Type to json:application">
            <participant name="GetDocumentInfoService"/>
            <output message="xout">
                <assign to="."                      from="PrimaryDocument"/>
                <assign to="DocumentContentSubType" from="'json'"/>
                <assign to="DocumentContentType"    from="'application'"/>
                <assign to="updateMetaDataOnly"     from="'true'"/>
            </output>
            <input message="xin">
                <assign to="message/doc:document-id" from="string(DocumentId)" />
                <assign to="message/@type"           from="string(DocumentContentType)" />
                <assign to="message/@subType"        from="string(DocumentContentSubType)" />
            </input>
        </operation>

        <!-- Assign MIME Message
            Assign HTTP required Header KEY and VALUE 
                VALUE assigned to mime:message/mime:header
                KEY assigned to mime:message/mime:header/@name
            Assign doc:document-id to mime:body
        -->
        <operation name="Assign - MIME Header and Body">
            <participant name="AssignService"/>
            <output message="AssignServiceTypeInputMessage">
                <assign to="mime:message/mime:header"       from="concat('Bearer ',string(JWT/@token))"                       append="true"/>
                <assign to="mime:message/mime:header/@name" from="string('Authorization')"                                    append="true"/>
                <assign to="mime:message/mime:header"       from="concat(string(message/@type),'/',string(message/@subType))" append="true"/>
                <assign to="mime:message/mime:header/@name" from="string('Content-Type')"                                     append="true"/>
                <assign to="mime:message/mime:body"         from="message/doc:document-id"/>
            </output>
            <input message="inmsg">
                <assign to="." from="*"/>
            </input>
        </operation>

        <operation name="Assign MIME encode document">
            <participant name="MIME"/>
            <output message="packRequest">
                <assign to="mime-document"   from="mime:message"/>
            </output>
            <input message="packResponse">
                <assign to="PrimaryDocument" from="mime-document/@*" />
            </input>
        </operation>
        <!-- SAMPLE OUTPUT From Service 
                This will become the Primary Document used for HTTP Method
            	
            Authorization: Bearer eyJ0eXBlIjoiSldUIiwiYWxnIjoiUlMyNTYifQ.eyJjdXN0b21lcklkIjoiQ3VzdG9tZXIiLCJleHAiOjE2MjUzODk3NjQsInVzZXJJZCI6IlVzZXIiLCJjdXN0b21lclVzZXJLZXkiOiIwMTIzNDU2Nzg5In0.YyflntcVdHKGH1d_1Hxrcd5AHKuEUmI9IDJ6QFPEaX6bWsuxqbs69C5W7A57ikGQIe3Xq3GeiHGPFivQnt92yM9npIOW_ApsCIcrFtovOLlURXabhhnm-inY5E4xR2_BbY7uF3S1sm3bFK0nL_qEIZwpNGS8vrrihGamBZgwsyakGySMKsqIyyIwAxn6iVHEbqpBrFoTqVgtSWHQ-kShTU-ANrHajw5LrGUMm1cCRPdTny576dO4nmJ8VfKwO8OEXvnjmZavTCiVPbu9SZds9oHqo8oiB_Y_KAFJmG_wEir0XkX3zapGD5DYaI\-\-Ho-0eItTKAdOGGURY_mMC2MVEw
            Content-Type: application/json
            Content-Length: 1629

            {"json":"data"}

         -->

        <!-- HTTP process -->
        <operation name="HTTP Session Begin">
            <participant name="HTTPClientBeginSession"/>
            <output message="HTTPClientBeginSessionServiceTypeInputMessage">
                <assign to="." from="*"/>
            </output>
            <input message="inmsg">
                <assign to="." from="*"/>
            </input>
        </operation>

        <operation name="HTTP Method - POST Mandate">
            <participant name="HTTPClientMethod"/>
            <output message="HTTPClientMethodServiceTypeInputMessage">
                <assign to="." from="PrimaryDocument"/>
            </output>
            <input message="inmsg">
                <assign to="." from="*"/>
            </input>
        </operation>

        <operation name="HTTP Session End">
            <participant name="HTTPClientEndSession"/>
            <output message="HTTPClientEndSessionServiceTypeInputMessage">
                <assign to="." from="*"/>
            </output>
            <input message="inmsg">
                <assign to="." from="*"/>
            </input>
        </operation>

        <onFault>

            <!-- Handle any errors -->

        </onFault>

    </sequence>

</process>

    ​Let me know if you have questions or need clarification.

    ------------------------------
    Sincerely,
    Clayton Snyman
    ------------------------------

    Original Message


  • 4.  RE: JWT support for Sterling B2Bi 6.0.X

    Posted Fri June 11, 2021 01:27 PM
    Thank you for sharing !

    ------------------------------
    Kishore Reddy
    ------------------------------

    Original Message


  • 5.  RE: JWT support for Sterling B2Bi 6.0.X

    Posted Wed June 16, 2021 02:10 AM
    Thank you Clayton. Appreciate your help here.

    ------------------------------
    Pranjit Biswas
    ------------------------------

    Original Message


  • 6.  RE: JWT support for Sterling B2Bi 6.0.X

    Posted 20 days ago

    Hello Clayton,

    How did you generate the bearer token key that you used for Bearer authorization. https://www.ibm.com/docs/en/b2b-integrator/6.2.0?topic=z-rest-api-client-service indicates support for "v6.0.3.3 onwards" but does not indicate how to obtain the bearer token to populate the <assign to='auth'>bearer-token-key</assign> element. It is my understanding that the token request post must be made from the same location as the Rest API Client Authorization request



    ------------------------------
    Doyle Collings
    ------------------------------

    Original Message


  • 7.  RE: JWT support for Sterling B2Bi 6.0.X

    Posted 17 days ago

    Hello Doyle,

    I have a separate BP that runs a java task service that to generate the token.

    Are you interested in BP and Java Task?



    ------------------------------
    Sincerely,
    Clayton Snyman
    ------------------------------

    Original Message


  • 8.  RE: JWT support for Sterling B2Bi 6.0.X

    Posted 17 days ago

    Hello Doyle,

    Here is a link to the BP and Java.



    ------------------------------
    Sincerely,
    Clayton Snyman
    ------------------------------

    Original Message


  • 9.  RE: JWT support for Sterling B2Bi 6.0.X

    Posted 15 days ago
    Edited by Doyle Collings 15 days ago

    Thank You Clayton,

    I am assuming that this separate configured Business Process only needs to be ran once? Where do I find the output where the resulting Bearer Token is generated when the Business Process is executed?

     



    ------------------------------
    Doyle Collings
    ------------------------------

    Original Message


  • 10.  RE: JWT support for Sterling B2Bi 6.0.X

    Posted 15 days ago

    As needed to generate a token.

    The output is return to process data in tag "JWT".

    The BP is working example that you can refactor as needed.



    ------------------------------
    Sincerely,
    Clayton Snyman
    ------------------------------

    Original Message


  • 11.  RE: JWT support for Sterling B2Bi 6.0.X

    Posted 14 days ago

    Hello Clayton,

    It appears that your algorithm to obtain a token is using a signing key algorithm.  Our REST Host is providing us a client id and secret to obtain the token.  Would you have any similar sample code that requests a JWT using a URI, client id and secret?

    Thanks



    ------------------------------
    Doyle Collings
    ------------------------------

    Original Message


  • 12.  RE: JWT support for Sterling B2Bi 6.0.X

    Posted Fri June 04, 2021 09:37 AM
    If B2Bi just need to play the Rest Client role then you can simply use RestAPI Client Service in your business processes to achieve your goal. https://www.ibm.com/docs/en/b2b-integrator/6.0.2?topic=z-rest-api-client-service

    ------------------------------
    BHARAT BALOTHIA
    ------------------------------

    Original Message