This examples deploys a function that when triggered does a OAuth token based validation of the request.
If the check confirms that the Authorization header carries a valid JSON Web Tokens (JWT) token, the function logs the token payload to the console.
To run this sample, a custom token validation setup is required.
For demo purposes the following can be used to generate your own JWT (assuming you are in UNIX system environment).
Run outside of the project directory:
ssh-keygen -t rsa -b 4096 -m PEM -f jwtRS256.key
# Don't add passphrase
openssl rsa -in jwtRS256.key -pubout -outform PEM -out jwtRS256.key.pubThis generates two files:
jwtRS256.key: the private keyjwtRS256.key.pub: the public key which you are required to provide as a secret in the deployment step
Go to jwt.io and choose RS256 as Algorithm in the dropdown menu.
Paste your public key and private key in the corresponding fields under Verify Signature.
This will generate a JWT on the left panel that you should save for the final testing.
First, create a deployment file to provide the custom verfication key. Run inside the project directory:
faas-sdk init-values -y values.yamlUpdate the generated file with the public key you generated above. And finally, deploy the project:
xfsrt-cli faas project deploy -y ./deploy/values.yaml -vThe HTTP trigger URL can be retrieved from:
xfsrt-cli faas project get hello-oauthThe artifacts array contains an object with the URL in its name property (and a reference to HTTP trigger trig-oauth)
Setup your HTTP request according to this to trigger the function:
GET <HTTPTriggerURL>
Authorization: Bearer <token>
Check the function log on the command line
xfsrt-cli faas project logs -n hello-oauth --functions fun-oauthThe output should contain the token payload.
Copyright (c) 2020 SAP SE or an SAP affiliate company. All rights reserved. This file is licensed under the Apache Software License, v. 2 except as noted otherwise in the LICENSE file.