Lack of documentation in this project here is what I understand
CH:IUA Validation Service 1.0.3
Default use case:
- The CH IUA VALIDATOR is a tool that can be requested by EVSClient that allows to validate an JWT token. The tool has two validators, one basic and one extended. The basic validation validator is used to validate the token signature and at least the expiration date.
How to validate a token:
In a file you have to put two lines:
- The first line is the token to validate
- The second line is a key to fetch the encryption signature of the token.
/!\ The token must be encrypted in the HS256 format since the tool only supports this format. You can use jwt.io to change the token encryption and the signature key.
The file /opt/chiua/operational-preferences.properties is the default key-value file. It can be changed in the environment variable: -DEPLOYMENT_PROPERTIES_PATH=/opt/chiua -DEPLOYMENT_PROPERTIES_FILE_NAME=operational-preferences.properties The value is the signature key of the token. The key is the key to put in the second line of the file to validate the token.
For example: To validate the token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjQzNDQzOTI1LTRmZDMtNDgwMy04NmRmLTkzMmE5ZTg5Zjk4ZiJ9.eyJleHAiOjE4MzAxMjk4NzAsImlhdCI6MTczMDEyOTU3MCwiYXV0aF90aW1lIjoxNzMwMTI5NTQwLCJqdGkiOiI4YmI1ZWJiZi02YWUyLTRmNWUtODk5OS1iYWI3ZDE2MTFlODgiLCJpc3MiOiJodHRwczovL2VoZWFsdGhzdWlzc2UuaWhlLWV1cm9wZS5uZXQvaXVhLXNzby9yZWFsbXMvY2gtaXVhIiwiYXVkIjoiYWNjb3VudCIsInN1YiI6ImU3OTlkZDA1LWFmMTQtNDM1ZS1iZjRmLTQ5YmFhYTE3ZTRjNCIsInR5cCI6IkJlYXJlciIsImF6cCI6ImNoLWl1YS1jbGllbnQiLCJzZXNzaW9uX3N0YXRlIjoiYjcwMDczMTYtOGIzNi00NTcyLWI0MzItNjNmMDIyYWZjYjY4IiwiYWNyIjoiMSIsImFsbG93ZWQtb3JpZ2lucyI6WyIvKiJdLCJyZWFsbV9hY2Nlc3MiOnsicm9sZXMiOlsiZGVmYXVsdC1yb2xlcy1jaC1pdWEiLCJvZmZsaW5lX2FjY2VzcyIsInVtYV9hdXRob3JpemF0aW9uIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsIm1hbmFnZS1hY2NvdW50LWxpbmtzIiwidmlldy1wcm9maWxlIl19fSwic2NvcGUiOiJwdXJwb3NlX29mX3VzZT11cm46b2lkOjIuMTYuNzU2LjUuMzAuMS4xMjcuMy4xMC41fE5PUk0gcGVyc29uX2lkPTc2MTMzNzYxMDQxMTM1MzY1MF5eXiY7Mi4xNi43NTYuNS4zMC4xLjEyNy4zLjEwLjMmO0lTTyBwcm9maWxlIGVtYWlsIiwic2lkIjoiYjcwMDczMTYtOGIzNi00NTcyLWI0MzItNjNmMDIyYWZjYjY4IiwiZXh0ZW5zaW9ucyI6eyJjaF9lcHIiOnsidXNlcl9pZF9xdWFsaWZpZXIiOiJ1cm46Z3MxOmdsbiIsInVzZXJfaWQiOiI3NjAxMDAyNDY3MzczIn0sImloZV9pdWEiOnsicHVycG9zZV9vZl91c2UiOnsiY29kZSI6Ik5PUk0iLCJzeXN0ZW0iOiJ1cm46b2lkOjIuMTYuNzU2LjUuMzAuMS4xMjcuMy4xMC41In0sInBlcnNvbl9pZCI6Ijc2MTMzNzYxMDQxMTM1MzY1MF5eXiY7Mi4xNi43NTYuNS4zMC4xLjEyNy4zLjEwLjMmO0lTTyJ9fSwiZW1haWxfdmVyaWZpZWQiOmZhbHNlLCJuYW1lIjoicnJleW5vbGRzIFJleW5vbGRzIiwicHJlZmVycmVkX3VzZXJuYW1lIjoicnJleW5vbGRzIiwiZ2l2ZW5fbmFtZSI6InJyZXlub2xkcyIsImZhbWlseV9uYW1lIjoiUmV5bm9sZHMifQ.Okho17-mFJGqE5xT3xkiCkCEFw0Jsxkm3zX7futpOII who was encoded with the key: MySecretSoSecret
You have to put in the file /opt/chiua/operational-preferences.properties:
audience=MySecretSoSecret
and in your file:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjQzNDQzOTI1LTRmZDMtNDgwMy04NmRmLTkzMmE5ZTg5Zjk4ZiJ9.eyJleHAiOjE4MzAxMjk4NzAsImlhdCI6MTczMDEyOTU3MCwiYXV0aF90aW1lIjoxNzMwMTI5NTQwLCJqdGkiOiI4YmI1ZWJiZi02YWUyLTRmNWUtODk5OS1iYWI3ZDE2MTFlODgiLCJpc3MiOiJodHRwczovL2VoZWFsdGhzdWlzc2UuaWhlLWV1cm9wZS5uZXQvaXVhLXNzby9yZWFsbXMvY2gtaXVhIiwiYXVkIjoiYWNjb3VudCIsInN1YiI6ImU3OTlkZDA1LWFmMTQtNDM1ZS1iZjRmLTQ5YmFhYTE3ZTRjNCIsInR5cCI6IkJlYXJlciIsImF6cCI6ImNoLWl1YS1jbGllbnQiLCJzZXNzaW9uX3N0YXRlIjoiYjcwMDczMTYtOGIzNi00NTcyLWI0MzItNjNmMDIyYWZjYjY4IiwiYWNyIjoiMSIsImFsbG93ZWQtb3JpZ2lucyI6WyIvKiJdLCJyZWFsbV9hY2Nlc3MiOnsicm9sZXMiOlsiZGVmYXVsdC1yb2xlcy1jaC1pdWEiLCJvZmZsaW5lX2FjY2VzcyIsInVtYV9hdXRob3JpemF0aW9uIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsIm1hbmFnZS1hY2NvdW50LWxpbmtzIiwidmlldy1wcm9maWxlIl19fSwic2NvcGUiOiJwdXJwb3NlX29mX3VzZT11cm46b2lkOjIuMTYuNzU2LjUuMzAuMS4xMjcuMy4xMC41fE5PUk0gcGVyc29uX2lkPTc2MTMzNzYxMDQxMTM1MzY1MF5eXiY7Mi4xNi43NTYuNS4zMC4xLjEyNy4zLjEwLjMmO0lTTyBwcm9maWxlIGVtYWlsIiwic2lkIjoiYjcwMDczMTYtOGIzNi00NTcyLWI0MzItNjNmMDIyYWZjYjY4IiwiZXh0ZW5zaW9ucyI6eyJjaF9lcHIiOnsidXNlcl9pZF9xdWFsaWZpZXIiOiJ1cm46Z3MxOmdsbiIsInVzZXJfaWQiOiI3NjAxMDAyNDY3MzczIn0sImloZV9pdWEiOnsicHVycG9zZV9vZl91c2UiOnsiY29kZSI6Ik5PUk0iLCJzeXN0ZW0iOiJ1cm46b2lkOjIuMTYuNzU2LjUuMzAuMS4xMjcuMy4xMC41In0sInBlcnNvbl9pZCI6Ijc2MTMzNzYxMDQxMTM1MzY1MF5eXiY7Mi4xNi43NTYuNS4zMC4xLjEyNy4zLjEwLjMmO0lTTyJ9fSwiZW1haWxfdmVyaWZpZWQiOmZhbHNlLCJuYW1lIjoicnJleW5vbGRzIFJleW5vbGRzIiwicHJlZmVycmVkX3VzZXJuYW1lIjoicnJleW5vbGRzIiwiZ2l2ZW5fbmFtZSI6InJyZXlub2xkcyIsImZhbWlseV9uYW1lIjoiUmV5bm9sZHMifQ.Okho17-mFJGqE5xT3xkiCkCEFw0Jsxkm3zX7futpOII
audience