POC - @Pratik Jain @Abhinav Jha
Objective: Auth required from internal/external systems to integrate Ask SDK / Web Package
The tenant is supposed to generate a JWT for a user, signed with client_secret (client_secret will be provided by ASK service), assuming the user is authenticated at the tenant end.
Note: Ask Service will share (client_id, client_secret) pair for the host service beforehand
JWT payload schema:
{
"user_profile_id": // user identifier (integer, string) <**required**>
"platform": // platform from which the request is being made <**required**>
"klass": // grade/class of student <**required**>
"client_name": "" // for analytics purpose, useful if different apps use same client_id <not necessary>
"name": "" // user's name, not a mandatory field
}
Tenant needs to pass the client_id and generated user JWT to the Ask SDK or Web package. Data required from the tenant:
Response format:
{
"data": {
"client_id": "<your-client-id-here>",
"token": "<your-JWT-token-here>",
},
"status": "success",
"status_code": 200,
"message": "",
"error_code": ""
}
import jwt
token_payload = {
"user_profile_id": "<user-profile-id>",
"platform": "<platform>",
"klass": "<grade>"
}
jwt.encode(payload=token_payload, key=client_secret, algorithm='HS256') // client_secret -> will be shared by ASK service
import jwt
options = {
'verify_signature': True,
'verify_exp': True
}
jwt.decode(jwt=token, key=client_secret, algorithms=['HS256'], options=options)