How to generate JWT token in sap abap

former_member606596 · ‎06-17-2019

Hello guys,

How to generate JWT Token using SAP ABAP code, and self sign it?. Can you help me out here

UweFetzer_se38 · ‎06-17-2019

If JWT stands for JSON Web Token, than there is no standard way to create a token via ABAP (as far as I know). but you are invited to write an Open Source solution for that 😉

p244500 · ‎06-17-2019

Hi,

Follow below link , you will get idea.

Guide for User Authentication and Authorization in SAP Cloud Platform

PI REST Adapter – Define custom http header elements

Single Sign-On Using JSON

Microservices Security with OAuth 2 and JSON Web Tokens

Regards,

Nawa

former_member606596 · ‎06-18-2019

Hi,

I went through these documents, but none of them explains how to generate JWT tokens using abap.

former_member324164 · ‎01-16-2020

Hi, i dont't know if this is still current but there is a simple way to generate JWTs in ABAP.

Have a look at this blog: https://blogs.sap.com/2019/11/10/connect-from-as-abap-to-google-cloud-platform-app-engine-resource-s...

nadimiqbal · ‎06-24-2020

I have private key, need to sign with RS256 algorithm. Do not have P12 file. Not sure how to proceed further.

fellipe_mendes · ‎03-18-2021

Hi Nadim, I'm facing the same situation, I don't have the P12 file, just the private and public key.
Please, did you find any solution for this?
Thanks in advance.

former_member6134 · ‎07-31-2020

hi Nikhil - I have similar requirement to decode the JWT. Is it solved?

mnietor · ‎01-28-2023

Hi fellipe.mendes I'm facing the same situation.

¿Please, did you find any solution for this?

Thanks in advance.

fellipe_mendes · ‎01-30-2023

Hello Miguel.

We implemented a Java script in PI to sign the document.

Regards,

Fellipe

mbsapuserabapuos1 · ‎01-08-2024

Finally found a way forward using OPENSSL commands to generate the JWS called from ABAP function SXPG_COMMAND_EXECUTE_LONG.

  lv_command = 'ZGENJWT01'. "SM49/SM69 OS command
  param1 = 'X'.  "ignored
  long_parm = {base64hdr.base64payload}.

* call OPENSSL to generate JWS

  CALL FUNCTION 'SXPG_COMMAND_EXECUTE_LONG'
    EXPORTING
      commandname                   = lv_command
      additional_parameters         = param1
      targetsystem                  = lv_host
      long_params                   = long_parm
    TABLES
      exec_protocol                 = result
    EXCEPTIONS
      no_permission                 = 1
      command_not_found             = 2
      parameters_too_long           = 3
      security_risk                 = 4
      wrong_check_call_interface    = 5
      program_start_error           = 6
      program_termination_error     = 7
      x_error                       = 8
      parameter_expected            = 9
      too_many_parameters           = 10
      illegal_command               = 11
      wrong_asynchronous_parameters = 12
      cant_enq_tbtco_entry          = 13
      jobcount_generation_error     = 14
      OTHERS                        = 15.

---

SM49 : Customer ZGENJWT01 SunOS /usr/sap/DEV/DVEBMGS00/GENJWT01.sh

---

GENJWT01.sh : -->

#!/bin/sh
PARAM1=$1
PARAM2=$2
printf '%s' "$PARAM2" | \
openssl dgst -sha256 -sign /usr/sap/DEV/DVEBMGS00/priv_key.pem -binary | \
openssl base64 | \
tr -- '+/=' '-_ ' | tr -d '\n'

( ensure script is executable with chmod +x GENJWT01.sh)

( user requires Auth object S_LOG_COM to execute from SAP front end)

( private key placed in .pem file on server)

( When load balancing is being used ensure LV_HOST = '{mainappserver}' )

https://superuser.com/questions/1419155/generating-jwt-rs256-signature-with-openssl