Generate Json Web Token (JWT) in ABAP.
If JWT profile is maintained in table ZJWT_PROFILE, use method get_jwt_by_profile() to derive JWT token by profile name.
DATA: jwt_generator TYPE REF TO zcl_jwt_generator,
jwt TYPE string.
CREATE OBJECT jwt_client.
jwt = jwt_client->get_jwt_by_profile( 'JWT_PROFILE_NAME' ).
If JWT profile is not maintained, use method generate_jwt() to derive JWT token.
REPORT zrpt_jwt_generator_demo.
DATA: jwt_generator TYPE REF TO zcl_jwt_generator.
DATA: jwt_header TYPE zcl_jwt_generator=>ty_jwt_header,
jwt_claim TYPE zcl_jwt_generator=>ty_jwt_claim.
DATA: exp_second TYPE int8,
ssf_info TYPE ssfinfo.
DATA: start_timestamp TYPE timestamp VALUE '19700101000000',
ssf_id TYPE ssfid VALUE '<implicit>',
"PSE profile with private key
ssf_profile TYPE ssfprof VALUE 'SAPZJWTSF001.pse'.
jwt_header-alg = 'RS256'.
jwt_claim = VALUE #( iss = 'UserID'
sub = 'example@gmail.com'
aud = 'https://login.example.com'
exp = exp_second ).
ssf_info = VALUE #( id = ssf_id profile = ssf_profile ).
CREATE OBJECT jwt_generator.
TRY.
jwt_generator->generate_jwt(
EXPORTING
jwt_header = jwt_header
jwt_claim = jwt_claim
ssf_info = ssfinfo
RECEIVING
jwt = DATA(jwt) ).
CATCH zcx_jwt_generator INTO DATA(lo_exp).
WRITE /: 'ERROR when generate JWT token.'.
WRITE /: lo_exp->get_text( ).
ENDTRY.
If JWT profile is maintained in table ZJWT_PROFILE, use method get_access_token_by_profile() to get JWT Access Token.
DATA: jwt_generator TYPE REF TO zcl_jwt_generator,
jwt_access_token TYPE string.
CREATE OBJECT jwt_client.
jwt_access_token = jwt_client->get_access_token_by_profile( 'JWT_PROFILE_NAME' ).
You can use method generate_jwt_with_secret() to generate a JWT with the secret key, like JWT Debugger.
GET TIME STAMP FIELD DATA(timestamp).
DATA(jwt_generator) = NEW zcl_jwt_generator( ).
TRY.
DATA(jwt_result) =
jwt_generator->generate_jwt_with_secret(
jwt_header = VALUE #( alg = 'HS256' typ = 'JWT' )
jwt_claim = VALUE #( sub = '1234567890'
name = 'John Doe'
iat = jwt_generator->convert_abap_timestamp_to_unix( timestamp ) )
secret = '1WRAv0Usf90-jr2W7UQBQBLvIBBFq8vumq-VzrR3h7E'
algorithm = 'SHA256' ).
CATCH zcx_jwt_generator INTO DATA(lx_jwt).
ENDTRY.
Class ZCL_JWT_Generator is modified from Dimitri Seifmann's post Connect from AS ABAP to Google Cloud Platform App-Engine resource secured with Google Identity-Aware Proxy.