|
Title: Implementing secured RESTfull webservices using oAuth Post by: Lu?s T. on March 30, 2022, 11:07:15 am I am trying to secure our webservices uing oAuth.
As I did not find anything natively implemented in Genero (I just found some examples of using oAuth as client, not as a server) I am trying to implement it by myself. In oAuth the invocation of the webservices receives a Jason Web Token (JWT) in the header that should be validated to confirm the caller as access to the webservice. The JWT is signed to garantee its integrity and it is when trying to validate the signature where I get stucked. The signature algorithm is 'RS256' and I am trying to use xml.Signature.verifyString (https://4js.com/online_documentation/fjs-fgl-3.20.25-manual-html/#fgl-topics/c_gws_XmlSignature_verifyString.html). When I try to set the Signture Key, using The CryptoKey class (https://4js.com/online_documentation/fjs-fgl-3.20.25-manual-html/#fgl-topics/c_gws_XmlCryptoKey.html#c_gws_XmlCryptoKey) I get an error. Code: let key = xml.CryptoKey.Create("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256") This is the stderr when I run it in AIX (I have set the FGLWSDEBUG variable): call key.loadPEM("ciiSBqKB2SY_hcvJdxgzR.pem") Code: WS-DEBUG (Security Info) An this the output in LinuxOpenSSL 1.1.1g 21 Apr 2020 WS-DEBUG END WS-DEBUG (Security Warning) Crypto library doesn't have any ZLIB compression algorithm. WS-DEBUG END WS-DEBUG (Security Warning) SSL library wasn't compiled with support of RLE compression. SSL library wasn't able to initiate the ZLIB compression library. WS-DEBUG END WS-INFO (Certificate authority) | Loading from directory /usr/informix/gnrdev1/fgl/web_utilities/certs | Loading from directory /var/ssl/certs Program stopped at 'teste.4gl', line number 17. FORMS statement error number -15648. Xml security operation failed : xmlsec library function failed. Code: WS-DEBUG (Security Info) I attached the pem file.OpenSSL 1.1.1g 21 Apr 2020 WS-DEBUG END WS-DEBUG (Security Warning) Crypto library doesn't have any ZLIB compression algorithm. WS-DEBUG END WS-DEBUG (Security Warning) SSL library wasn't compiled with support of RLE compression. SSL library wasn't able to initiate the ZLIB compression library. WS-DEBUG END WS-INFO (Certificate authority) | Loading from directory /opt/informix/gnr-devstudio-3.20.09/fgl/web_utilities/certs | Loading from directory /etc/ssl/certs | Loading from directory /etc/pki/tls/certs Program stopped at 'teste.4gl', line number 17. FORMS statement error number -15648. Xml security operation failed : crypto library function failed : openssl error: 151584876: PEM routines: get_name no start line. Thanks Title: Re: Implementing secured RESTfull webservices using oAuth Post by: Lu?s T. on March 30, 2022, 11:22:31 am I am sorry but I put the wrong stderr.
I AIX should end with: Code: WS-INFO (Certificate authority) | Loading from directory /usr/informix/gnrdev1/fgl/web_utilities/certs | Loading from directory /var/ssl/certs I Linux:Program stopped at 'teste.4gl', line number 17. FORMS statement error number -15648. Xml security operation failed : crypto library function failed : openssl error: 621215852: DSO support routines: DSO_load functionality not supported. Code: WS-INFO (Certificate authority) | Loading from directory /opt/informix/gnr-devstudio-3.20.09/fgl/web_utilities/certs | Loading from directory /etc/ssl/certs | Loading from directory /etc/pki/tls/certs Program stopped at 'teste.4gl', line number 17. FORMS statement error number -15648. Xml security operation failed : crypto library function failed : openssl error: 151584876: PEM routines: get_name no start line. |