The URL for integration with COBAN follows this template:
https://totvs.coban.myconsig.com.br/token/%{jwt}
JSON Web Token (JWT) is an open standard for securely representing claims between two parties. It consists of 3 parts: header, payload and signature.
The header holds information about how the token was created and how it can be read.
Example:
{
  "typ": "JWT",
  "alg": "RS256",
  "kid": "OLeJMiixtsnTaOzAgi02RWkJNv0PK_ZMIDq4JGoXlC4"
}
Example:
{
  "name": "Jose Silva",
  "sub": "74400628922",
  "iat": 1522804036,
  "aud": "coban.myconsig.com.br",
  "iss": "tec.myconsig.com.br",
  "jti": "55cab74d-1030-44f1-9b7d-41ab759fd650",
  "gender": "male",
  "birthdate": "1984-11-29",
  "phone_number": "99999999",
  "address": {
    "street_address": "R. Ana Pereira Melo",
    "n": "253",
    "neighborhood": "Vila Campesina",
    "locality": "Osasco",
    "region": "SP",
    "postal_code": "06023-080",
    "country": "Brasil"
  },
  "myconsig:eid": {
    "n": "27616601249",
    "r": "SP",
    "iss": "DETRAN",
    "iat": "2015-12-31",
    "exp": "2019-12-31"
  },
  "myconsig:playslip": {
    "cnpj": "05165797707270",
    "cutd": 19,
    "eid": "045383",
    "mac": "5000.00",
    "mpa": "300.00",
    "mpc": 40,
    "iat": 1522367670,
    "bid": 237,
    "sid": "8422",
    "cid": "083801"
  },
  "myconsig:cid": "243128ea-ee9c-4f9b-849a-9df7819fed72"
}
Attribute | Definition | Format |
---|---|---|
name | Employee's name | string |
sub | Employee's CPF | string |
iat | Token issue date/time | int (Unix Timestamp) |
aud | Token audience | string |
iss | Token issuer | string |
jti | Unique token identifier | string |
myconsig:eid | Employee's identity | object |
myconsig:playslip | Payslip | object |
myconsig:cid | Correlation identifier for tracing | string |
gender | End-user's gender | string |
birthdate | End-user's birthday, represented as an ISO 8601:2004 YYYY-MM-DD format | string |
phone_number | Telephone | string |
address | https://openid.net/specs/openid-connect-core-1_0.html#AddressClaim | object |
Attribute | Definition | Format |
---|---|---|
n | Document number | string |
r | State (UF) of the document | string |
iat | Issue date | string |
iss | Document issuer | string |
exp | Expiry date | string |
Attribute | Definition | Format |
---|---|---|
cnpj | CNPJ | string |
cutd | Payroll cut-off date | int |
eid | Employee registration number | string |
mac | Maximum amount to release | string |
mpa | Available margin amount | string |
mpc | Maximum number of installments | int |
iat | Date/time of the margin query | int (Unix Timestamp) |
bid | Payment bank | int |
sid | Payment branch | string |
cid | Payment account | string |
The purpose of the signature is to ensure that the token was generated by a known source: although others can read the information, they cannot alter it without invalidating the signature.
The entire generation and verification process is automated by the libraries that implement JWT.
The encoded JWT has the following format: #{header}.#{payload}.#{signature}
Example:
eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik9MZUpNaWl4dHNuVGFPekFnaTAyUldrSk52MFBLX1pNSURxNEpHb1hsQzQifQ.eyJuYW1lIjoiSm9zZSBTaWx2YSIsInN1YiI6Ijc0NDAwNjI4OTIyIiwiaWF0IjoxNTIyODA0MDM2LCJhdWQiOiJjb2Jhbi5teWNvbnNpZy5jb20uYnIiLCJpc3MiOiJ0ZWMubXljb25zaWcuY29tLmJyIiwianRpIjoiNTVjYWI3NGQtMTAzMC00NGYxLTliN2QtNDFhYjc1OWZkNjUwIiwibXljb25zaWc6cGxheXNsaXAiOnsiY25waiI6IjA1MTY1Nzk3NzA3MjcwIiwiY3V0ZCI6MTksImVpZCI6IjA0NTM4MyIsIm1wYSI6IjEwMDAuMDAiLCJtcGMiOjYsImlhdCI6MTUyMjM2NzY3MCwiYmlkIjoyMzcsInNpZCI6Ijg0MjIiLCJjaWQiOiIwODM4MDEifSwibXljb25zaWc6Y2lkIjoiMjQzMTI4ZWEtZWU5Yy00ZjliLTg0OWEtOWRmNzgxOWZlZDcyIn0.IYG1eN1352q46rL9HYSLGy7xHXoQ03L50xbFZhfYioY0KwqnzeQARsGfOasHDcTM2myYnm-jhZzNx-H4cY5ijMSaaIk-35mPn1iH_hdzp4nK27GrdKHS4e1h-R6sl2NGXcN1Hbv65aLv2qbFY3hlyZbWbXF64mjXw4yFZMdWn0CPZ4b0NQLbMgUmLAJLAPLUgc5NYWrjDWPc_IDUG2DKxVdviHqerpJgpLDqZ6aSCJ8Yyp9mjIEUaV2htZcl9gnLWthCyaFGKJ1jTD39Yct_JDca7VUJX8nGxDgHmDGWgVuFUuI8LIiYt0rdTiQv3aiEGerexIs7Cp2vuGs6dKwtDg
JWT.IO lets you decode, verify and generate JWTs.
Below are the keys used to generate the signature above. These are not the production environment keys.
The public keys for verifying the tokens are available at the following URLs:
https://staging-api.myconsig.com.br/.well-known/jwks.json (staging)
https://api.myconsig.com.br/.well-known/jwks.json (production)
const jwksClient = require('jwks-rsa');
const jwt = require('jsonwebtoken');
const token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik9MZUpNaWl4dHNuVGFPekFnaTAyUldrSk52MFBLX1pNSURxNEpHb1hsQzQifQ.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.Ow6kNcdc2QuewtQDcaHx_5mk5379SrZOz9DWugrkjrAzNKl4EBMw-UlGvt5yiKNwvwwwJhmF6M5foUscoBgOFDwC_PKy0pNIPDmuTdFehooBq5yuy1g8h5rT0SEC9qI3Boyqoi-QP37C-j7gOQnRBVgPqKmBvSLWv0KkQR3lMEqBuNEUJ3TmKwtRzr008PGLlGvBhkDaKg8CFBxDFbSB4c04LVJuJnMTzGY3ekwoESmBBL9uH89pqNgudOAfdGXXI8Sy4vFnF9mENmDC4dt7fc5tlG7B5lG04xvfxMBS2noBmPKHKU2umOvj0odZTT_p_cDA-qUF4ub45Jd24qowaQ"
// Decode WITHOUT verifying, only to read the "kid" header and select the key.
const decoded = jwt.decode(token, { complete: true });
if (!decoded) {
  throw new Error('Malformed JWT');
}

const client = jwksClient({
  cache: true,
  rateLimit: true,
  jwksRequestsPerMinute: 10, // Default value
  jwksUri: 'https://staging-api.myconsig.com.br/.well-known/jwks.json'
});

const kid = decoded.header.kid;
client.getSigningKey(kid, (err, key) => {
  if (err) {
    console.error(err);
    return;
  }
  const cert = key.publicKey || key.rsaPublicKey;
  // Pin the accepted algorithm and check audience and issuer; do not trust the token's own "alg" header.
  jwt.verify(token, cert, { algorithms: ['RS256'], audience: 'coban.myconsig.com.br', issuer: 'tec.myconsig.com.br' }, (err, claims) => {
    if (err) {
      console.error(err);
    } else {
      console.log(claims);
    }
  });
  // Now I can use this to configure my Express or Hapi middleware
});
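The checks a receiver of this token should apply, as an added example (not code from the original page or from MyConsig): it verifies RS256 with Node's built-in crypto, pins the algorithm and, because the sample payload carries `iat` and `jti` but no `exp`, bounds the token age and rejects a reused `jti`. The locally generated key pair, the `demo-kid` key id, the 300-second age limit and the in-memory `seen` set are assumptions made so the example runs offline.

```javascript
const crypto = require('crypto');
const b64u = (x) => Buffer.from(x).toString('base64url');
const dec = (s) => JSON.parse(Buffer.from(s, 'base64url').toString('utf8'));
// Test-only signer so the example runs offline; in the real flow the issuer signs.
function sign(header, payload, privateKey) {
  const input = `${b64u(JSON.stringify(header))}.${b64u(JSON.stringify(payload))}`;
  return `${input}.${crypto.sign('RSA-SHA256', Buffer.from(input), privateKey).toString('base64url')}`;
}

// Returns the claims, or throws an Error naming the check that failed.
function verifyCobanToken(token, keysByKid, { aud, iss, maxAgeSec, now, seen }) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('malformed');
  const header = dec(parts[0]);
  if (header.alg !== 'RS256') throw new Error('alg'); // pin it; never let the token choose
  const key = keysByKid.get(header.kid);
  if (!key) throw new Error('kid');
  const signed = Buffer.from(`${parts[0]}.${parts[1]}`);
  if (!crypto.verify('RSA-SHA256', signed, key, Buffer.from(parts[2], 'base64url'))) throw new Error('signature');
  const c = dec(parts[1]); // claims are read only after the signature is valid
  if (c.aud !== aud) throw new Error('aud');
  if (c.iss !== iss) throw new Error('iss');
  // No exp claim in this payload, so bound the age from iat (60 s clock-skew allowance).
  if (typeof c.iat !== 'number' || c.iat > now + 60 || now - c.iat > maxAgeSec) throw new Error('stale');
  if (!c.jti || seen.has(c.jti)) throw new Error('replay'); // single use per jti
  seen.add(c.jti);
  return c;
}

// Constructed tokens: one valid, one with an edited payload, one with alg "none".
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const keys = new Map([['demo-kid', publicKey]]); // stands in for the JWKS lookup by kid
  const opts = { aud: 'coban.myconsig.com.br', iss: 'tec.myconsig.com.br', maxAgeSec: 300, now: 1522804100, seen: new Set() };
  const hdr = { typ: 'JWT', alg: 'RS256', kid: 'demo-kid' };
  const claims = { sub: '74400628922', iat: 1522804036, aud: opts.aud, iss: opts.iss, jti: 'constructed-jti-1', 'myconsig:playslip': { mpa: '300.00' } };
  const good = sign(hdr, claims, privateKey);
  const [h, , s] = good.split('.');
  const tampered = `${h}.${b64u(JSON.stringify({ ...claims, 'myconsig:playslip': { mpa: '9000.00' } }))}.${s}`;
  const reason = (t, o = opts) => { try { verifyCobanToken(t, keys, o); return 'accepted'; } catch (e) { return e.message; } };
  return {
    tampered: reason(tampered),
    algNone: reason(sign({ ...hdr, alg: 'none' }, claims, privateKey)),
    old: reason(good, { ...opts, now: opts.now + 3600 }),
    first: reason(good),
    second: reason(good),
  };
}
console.log(demo());
```

In a deployment with more than one receiving instance, the `seen` set has to live in a shared store with an expiry at least as long as the age limit.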
POST /graphql HTTP/1.1
Host: staging-api.myconsig.com.br
Accept: application/json
Content-Type: application/json
{
"query":"mutation login($input: LoginInput!) {login(input: $input){ token }}",
"variables": {
"input": {
"email": "[email protected]",
"password": "secret"
}
}
}
{
"data": {
"login": {
"token": "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJkNmQ5OWNhZC00MmE4LTQ4MDktOWM5Ni1lNGRmNGY5OTg4NmUiLCJzY3AiOiJhY2NvdW50IiwiYXVkIjpbXSwiaWF0IjoxNTI1MzczODA2LCJleHAiOjE1MjUzNzc0MDYsImp0aSI6Ijc3YTU2MjA0LTI4YmYtNDRmNS05MDMwLWE4NTc2MDE2OTIwMyJ9.aJuE8MVtISx9ySzcXGYBFrEGwIyBAeZx-S94Myj0Wpg"
}
}
}
or
{
"data": {
"login": null
},
"errors": [
{
"message": "unauthorized",
"locations": [{"line": 1,"column": 38}],
"path": ["login"]
}
]
}
POST /graphql HTTP/1.1
Host: staging-api.myconsig.com.br
Accept: application/json
Content-Type: application/json
Authorization: Bearer {{jwt}}
{
"query":"mutation bookPayrollLoan($input: BookPayrollLoanInput!) {bookPayrollLoan(input: $input){ payrollLoanReservation {uuid status}}}",
"variables": {
"input": {
"cnpj": "81759880369503",
"cpf": "53149742234",
"registrationId": "a452c561",
"contractCode": 1,
"deductionBeginningDate": "2018-06-03",
"monthlyPayment": 742.84,
"installmentsCount": 37,
"requestedAmount": 606.66,
"paymentBank": 709
}
}
}
{
"data": {
"bookPayrollLoan": {
"uuid": "5dd8808a-27a0-439c-a50c-dd43e511bf60",
"status": "BOOKED"
}
}
}
POST /graphql HTTP/1.1
Host: staging-api.myconsig.com.br
Accept: application/json
Content-Type: application/json
Authorization: Bearer {{jwt}}
{
"query":"mutation RevokePayrollloanReservation($input: RevokePayrollLoanReservationInput!) {revokePayrollLoanReservation(input: $input) { status }}",
"variables": {
"input": {
"cnpj": "81759880369503",
"cpf": "53149742234",
"contractCode": 1
}
}
}
{
"data": {
"bookPayrollLoan": {
"uuid": "5dd8808a-27a0-439c-a50c-dd43e511bf60",
"status": "REVOKED"
}
}
}
POST /graphql HTTP/1.1
Host: staging-api.myconsig.com.br
Accept: application/json
Content-Type: application/json
Authorization: Bearer {{jwt}}
{"query":"{{query}}"}
query {
viewer {
coban {
name
payrollLoanReservations {
pageInfo {
hasNextPage
hasPreviousPage
}
edges {
cursor
node {
uuid
contractCode
cpf
cnpj
status
createdAt
requestedAmount
monthlyPayment
paymentBank
installmentsCount
}
}
}
}
}
}
{
"data": {
"viewer": {
"coban": {
"name": "COBAN 0001 LTDA",
"payrollLoanReservations": {
"pageInfo": {
"hasNextPage": false,
"hasPreviousPage": false
},
"edges": [
{
"cursor": "MQ==",
"node": {
"uuid": "eb05192d-a492-4dd7-bc3f-861a386d97b7",
"contractCode": 4383,
"cpf": "09162489925",
"cnpj": "17590301137250",
"status": "REVOKED",
"createdAt": "2018-04-24T18:01:03Z",
"requestedAmount": 966.93,
"monthlyPayment": 747.9,
"paymentBank": 511,
"installmentsCount": 20
}
},
{
"cursor": "Mg==",
"node": {
"uuid": "71954f3f-eb64-43cf-a530-b7a7fe99a4d9",
"contractCode": 4382,
"cpf": "09162489925",
"cnpj": "17590301137250",
"status": "BOOKED",
"createdAt": "2018-04-24T17:59:40Z",
"requestedAmount": 966.93,
"monthlyPayment": 747.9,
"paymentBank": 511,
"installmentsCount": 20
}
},
{
"cursor": "Mw==",
"node": {
"uuid": "d0a49658-7bb0-4974-8a7b-c525ee577189",
"contractCode": 4381,
"cpf": "09162489925",
"cnpj": "17590301137250",
"status": "BOOKED",
"createdAt": "2018-04-23T20:45:43Z",
"requestedAmount": 966.93,
"monthlyPayment": 747.9,
"paymentBank": 511,
"installmentsCount": 20
}
},
{
"cursor": "NA==",
"node": {
"uuid": "e694fbce-57a1-4f0a-b54b-e9b69637135d",
"contractCode": 4380,
"cpf": "09162489925",
"cnpj": "17590301137250",
"status": "BOOKED",
"createdAt": "2018-04-23T19:06:19Z",
"requestedAmount": 966.93,
"monthlyPayment": 747.8,
"paymentBank": 511,
"installmentsCount": 20
}
},
{
"cursor": "NQ==",
"node": {
"uuid": "02c0feca-a458-41d2-a997-e54d0171c20a",
"contractCode": 4379,
"cpf": "09162489925",
"cnpj": "17590301137250",
"status": "BOOKED",
"createdAt": "2018-04-23T19:06:13Z",
"requestedAmount": 966.93,
"monthlyPayment": 747.8,
"paymentBank": 511,
"installmentsCount": 20
}
},
{
"cursor": "Ng==",
"node": {
"uuid": "b31a3cbd-1fb6-4935-88d7-d50eaf2a0490",
"contractCode": 4378,
"cpf": "09162489925",
"cnpj": "17590301137250",
"status": "BOOKED",
"createdAt": "2018-04-23T19:06:10Z",
"requestedAmount": 966.93,
"monthlyPayment": 747.8,
"paymentBank": 511,
"installmentsCount": 20
}
},
{
"cursor": "Nw==",
"node": {
"uuid": "f65b2d51-0fb4-4b16-93aa-00716ee36354",
"contractCode": 4377,
"cpf": "09162489925",
"cnpj": "17590301137250",
"status": "BOOKED",
"createdAt": "2018-04-23T19:06:05Z",
"requestedAmount": 966.93,
"monthlyPayment": 747.8,
"paymentBank": 511,
"installmentsCount": 20
}
},
{
"cursor": "OA==",
"node": {
"uuid": "a1925d82-7c5e-49c6-ac3e-c84e669f8324",
"contractCode": 4376,
"cpf": "09162489925",
"cnpj": "17590301137250",
"status": "BOOKED",
"createdAt": "2018-04-23T19:06:01Z",
"requestedAmount": 966.93,
"monthlyPayment": 747.8,
"paymentBank": 511,
"installmentsCount": 20
}
},
{
"cursor": "OQ==",
"node": {
"uuid": "8424d2b9-835c-4d87-848c-4c2255e20128",
"contractCode": 4375,
"cpf": "09162489925",
"cnpj": "17590301137250",
"status": "BOOKED",
"createdAt": "2018-04-23T19:03:54Z",
"requestedAmount": 966.93,
"monthlyPayment": 747.8,
"paymentBank": 511,
"installmentsCount": 20
}
}
]
}
}
}
}
}