How the JWT tokens work at https://scoutid.se/admin
-
Ajax: https://scoutid.se/jwt/jwt.php?app_id=<domain_name/entity_id>
Response 403: {ok: false, error: "No session", url: "<auth url>"}
-
Redirect the user to <auth url> (https://scoutid.se/simplesaml/module.php/core/loginuserpass.php?AuthState=...)
-
Ajax: https://scoutid.se/jwt/jwt.php?app_id=<domain_name/entity_id>
Response 200: {ok: true, token: "<jwt token>"}
// Fetch a JWT for the current site; the browser session cookie selects the user
const login = async () => {
  const response = await fetch("https://scoutid.se/jwt/jwt.php?app_id=" + location.hostname, { credentials: 'include' });
  // 403 "No session": the thrown response body carries the <auth url> to redirect to
  if (!response.ok) throw response;
  const result = await response.json();
  if (!result || !result.ok || !result.token) {
    throw result;
  }
  return result.token;
};
login().then(console.log);
The token is signed with an asymmetric RS256 key; the public half is:
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApjMTez3ey8PjJtAx/XrA
nnburBb9DRcqbPYAuR75BSF3Nau8DIiCZEyc4MK88Vji7bLC16GfIldxnBc7AGmF
IG6u7sZJhFd1zb9ggoSVU68c5RM0AhTeCoYyuZj7Vd2rM6PkAzi+wVjVFIAntmIf
KMrUuQqstLof8vDoPhY/37ciI1tlrkLut3CMOyE5sFbFr/D8lvIX7wELUKaz0BIz
XzBsE5PhB7EoC4Ureglm2SRxHL/HcXMYjun1M2yaMDMTJEW8pom0UbRLePx9CT56
hmqVYBGZHKKt97nQiHrYjNeYlV1Czqu9NUzFYInRikhuUCtmSrjkeoDTBVFY79lx
NLnUlc4iyKu+RsHfB+bORuqc2ockxzz8CEwAkNvmqpVV+P1msGrq4aF5LjOvV+iq
mfZYXpe/9ECYHOKxN2rExyCwAU6bUTDtrSCMFIZc1SlZ7+OgcX/9V0Cxlh7DURh6
xpHgCBiAMK5LgcJt7LBth36+Kp7IjE0r4nY+HIfE8D5uTztscD2XAoA5K46TjLPy
XVQhIUSP/7nLuq+SNfam6TX4HDm0HP2AzX5I4am5amUGl7/fWWdS50T0ZmMH7s7C
GQ6VodVFuYVL+9VQTw6UtlWYpxcrsGbt6Ycpt18PZF/S/k4r55r330hJMRIbNb+4
ehXj1RGoxKDk09vDzXCsJnsCAwEAAQ==
-----END PUBLIC KEY-----
-
113 https://github.com/Scouterna/scoutid/issues/113: The token grows in size for users with a lot of roles; our current konq settings fail when the token gets over 5.6 kB.
-
122 https://github.com/Scouterna/scoutid/issues/122: Responds with a 500 if the entity-id isn't in the database.