JWT with AWS Token
-
Checked out your plugin.
So much great information.
Can you point me in the direction (or if this is a possibility) of how to handle JWT authentication using token issued by AWS with same secret key?
i.e.
1) user visits load balancer and is issued JWT token on authentication
2) user is sent with JWT token in header to WordPress
Is this possible?
-
Hi @isvictorious,
Thank you for the great question. First of all, I’m assuming you have already read this article: https://aamplugin.com/article/how-to-authenticate-wordpress-user-with-jwt-token. So basically you have to make sure that your JWT has a valid userId in the token’s list of claims.
Then just send the HTTP header Authentication: Bearer XXXXX, where XXXXX is the issued JWT token.
Feel free to ask more questions.
Regards,
Vasyl
-
Hey Vasyl,
Thanks for taking the time to respond.
I am experimenting in Postman before going into the trouble of setting up everything in AWS Cognito.
Followed your article. I did not do any of the optional modifications in Step 2. Let me know if I should.
Following your article & previous response –
1) In Postman sent POST to https://sandbox.local/wp-json/aam/v1/authenticate with username & password.
2) Received body with Token
3) Created GET to https://sandbox.local/wp-admin/ with Authentication: Bearer XXXXX (JWT token cut & pasted). However, I’m hit with the login page.
When I deny access to all routes and then test access with the same request in #3 it works.
However, I can’t get it working with standard pages. i.e. /wp-admin/
Below is my JSON response from Step 1, where I don’t see userID.
{
  "token": "XXXXXX",
  "token_expires": 1540482260,
  "user": {
    "data": {
      "ID": "1",
      "user_login": "admin",
      "user_pass": "XXXXXX",
      "user_nicename": "admin",
      "user_email": "[email protected]",
      "user_url": "",
      "user_registered": "2018-09-25 20:28:25",
      "user_activation_key": "",
      "user_status": "0",
      "display_name": "admin"
    },
    "ID": 1,
    "caps": { "administrator": true },
    "cap_key": "wp_capabilities",
    "roles": [ "administrator" ],
    "allcaps": {
      "switch_themes": true, "edit_themes": true, "activate_plugins": true, "edit_plugins": true,
      "edit_users": true, "edit_files": true, "manage_options": true, "moderate_comments": true,
      "manage_categories": true, "manage_links": true, "upload_files": true, "import": true,
      "unfiltered_html": true, "edit_posts": true, "edit_others_posts": true, "edit_published_posts": true,
      "publish_posts": true, "edit_pages": true, "read": true,
      "level_10": true, "level_9": true, "level_8": true, "level_7": true, "level_6": true, "level_5": true,
      "level_4": true, "level_3": true, "level_2": true, "level_1": true, "level_0": true,
      "edit_others_pages": true, "edit_published_pages": true, "publish_pages": true, "delete_pages": true,
      "delete_others_pages": true, "delete_published_pages": true, "delete_posts": true,
      "delete_others_posts": true, "delete_published_posts": true, "delete_private_posts": true,
      "edit_private_posts": true, "read_private_posts": true, "delete_private_pages": true,
      "edit_private_pages": true, "read_private_pages": true, "delete_users": true, "create_users": true,
      "unfiltered_upload": true, "edit_dashboard": true, "update_plugins": true, "delete_plugins": true,
      "install_plugins": true, "update_themes": true, "install_themes": true, "update_core": true,
      "list_users": true, "remove_users": true, "promote_users": true, "edit_theme_options": true,
      "delete_themes": true, "export": true,
      "edit_blocks": true, "edit_others_blocks": true, "publish_blocks": true, "read_private_blocks": true,
      "read_blocks": true, "delete_blocks": true, "delete_private_blocks": true,
      "delete_published_blocks": true, "delete_others_blocks": true, "edit_private_blocks": true,
      "edit_published_blocks": true, "create_blocks": true, "administrator": true
    },
    "filter": null
  }
}
Okay, so after reading through your documentation on the JWT filter, it looks like the userid is included in the default token.
I’m creating a GET request with the token I receive in the initial POST request.
I’m assuming I need to override the default WordPress authentication? Is this something the AAM plugin can do for users to log in via JWT?
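The thread's setup, as an added example that is not the plugin's code nor anything the participants posted: an external issuer (the load balancer in the question) mints an HS256 JWT with the `userId` claim the answer says AAM requires, and the consuming side verifies it using the same shared secret before trusting the claim. It is written in Python rather than the plugin's PHP so it runs on its own; `SHARED_SECRET`, the timestamps and the function names are constructed for the illustration. The header parser works on the value `Bearer XXXXX`, so it applies whether the header is named `Authentication` (as in the thread) or `Authorization`.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed secret for this example only; the issuer and WordPress must hold the same value.
SHARED_SECRET = b"example-shared-secret-do-not-use"


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(user_id: int, secret: bytes, ttl_seconds: int = 3600, now=None) -> str:
    """Issuer side: mint an HS256 JWT whose claims carry the WordPress user ID as userId."""
    now = int(time.time()) if now is None else now
    header = {"alg": "HS256", "typ": "JWT"}
    payload = {"userId": user_id, "iat": now, "exp": now + ttl_seconds}
    signing_input = ".".join(
        _b64url_encode(json.dumps(part, separators=(",", ":")).encode())
        for part in (header, payload)
    )
    signature = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{_b64url_encode(signature)}"


def verify_token(token: str, secret: bytes, now=None) -> int:
    """Consumer side: check algorithm, signature and expiry, then return the userId claim.

    Raises ValueError on any failure so the caller falls back to the normal login flow.
    """
    now = int(time.time()) if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header_b64, payload_b64, sig_b64 = parts
    header = json.loads(_b64url_decode(header_b64))
    # Pin the algorithm instead of trusting whatever the header announces.
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(secret, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    # Constant-time comparison of the signature.
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        raise ValueError("bad signature")
    payload = json.loads(_b64url_decode(payload_b64))
    exp = payload.get("exp")
    if not isinstance(exp, int) or exp <= now:
        raise ValueError("token expired")
    user_id = payload.get("userId")
    if isinstance(user_id, bool) or not isinstance(user_id, int) or user_id <= 0:
        raise ValueError("missing or invalid userId claim")
    return user_id


def user_from_bearer_header(header_value: str, secret: bytes, now=None) -> int:
    """Take the 'Bearer XXXXX' header value the answer describes and verify the token in it."""
    scheme, _, token = header_value.strip().partition(" ")
    if scheme != "Bearer" or not token.strip():
        raise ValueError("missing bearer token")
    return verify_token(token.strip(), secret, now)


def rejects(token: str, secret: bytes, now=None) -> bool:
    """True if verify_token refuses the token (used to exercise the failure paths)."""
    try:
        verify_token(token, secret, now)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed timestamps: issued one hour before the token_expires value seen in the thread.
    issued_at = 1540478660
    token = issue_token(1, SHARED_SECRET, ttl_seconds=3600, now=issued_at)
    print("userId:", user_from_bearer_header("Bearer " + token, SHARED_SECRET, now=issued_at + 60))
    print("wrong secret rejected:", rejects(token, b"other-secret", now=issued_at + 60))
    print("expired rejected:", rejects(token, SHARED_SECRET, now=issued_at + 3600))
```

The verifier never lets the token's own header choose the algorithm, compares signatures in constant time, and treats a missing or non-integer `userId` the same as a bad signature; a token that fails any check should simply leave the request unauthenticated, which is the login page the poster was seeing.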
- The topic ‘JWT with AWS Token’ is closed to new replies.