diff --git a/app/classes/agent.php b/app/classes/agent.php
index 7d4c511..f84531a 100644
--- a/app/classes/agent.php
+++ b/app/classes/agent.php
@@ -110,6 +110,7 @@ class Agent {
}
}
+
// check for agent cache
public function checkAgentCache($agent_id) {
$agent_cache_name = $agent_id . '_cache';
@@ -117,6 +118,38 @@ class Agent {
return isset($_SESSION[$agent_cache_name]) && isset($_SESSION[$agent_cache_time]) && (time() - $_SESSION[$agent_cache_time] < 600);
}
+
+ // method for base64 URL encoding for JWT tokens
+ private function base64UrlEncode($data) {
+ return rtrim(strtr(base64_encode($data), '+/', '-_'), '=');
+ }
+
+
+ // generate a JWT token for jilo agent
+ public function generateAgentToken($payload, $secret_key) {
+
+ // header
+ $header = json_encode([
+ 'typ' => 'JWT',
+ 'alg' => 'HS256'
+ ]);
+ $base64Url_header = $this->base64UrlEncode($header);
+
+ // payload
+ $payload = json_encode($payload);
+ $base64Url_payload = $this->base64UrlEncode($payload);
+
+ // signature
+ $signature = hash_hmac('sha256', $base64Url_header . "." . $base64Url_payload, $secret_key, true);
+ $base64Url_signature = $this->base64UrlEncode($signature);
+
+ // build the JWT
+ $jwt = $base64Url_header . "." . $base64Url_payload . "." . $base64Url_signature;
+
+ return $jwt;
+ }
+
+
// fetch result from jilo agent API
public function fetchAgent($agent_id, $force = false) {
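Review bot: generateAgentToken signs with whatever `$secret_key` it receives, so an agent record with an empty or null key still yields a well-formed HS256 token whose signature anyone can recompute. Reject that case before the `hash_hmac` call, e.g. `if (!is_string($secret_key) || $secret_key === '') { throw new InvalidArgumentException('agent secret key is not set'); }`. Both `json_encode` calls also return `false` on unencodable input, which is then base64-encoded as an empty segment and signed; passing `JSON_THROW_ON_ERROR` as the flags argument would surface the failure instead. The enclosing class starts and ends outside the hunk.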
diff --git a/app/templates/agent-list.php b/app/templates/agent-list.php
index e067749..c79c468 100644
--- a/app/templates/agent-list.php
+++ b/app/templates/agent-list.php
@@ -10,6 +10,16 @@
endpoint: = htmlspecialchars($agent['url']) ?>= htmlspecialchars($agent['agent_endpoint']) ?>
+ 'Jilo Web',
+ 'aud' => $config['domain'],
+ 'iat' => time(),
+ 'exp' => time() + 3600,
+ 'agent_id' => $agent['id']
+ ];
+ $jwt = $agentObject->generateAgentToken($payload, $agent['secret_key']);
+?>
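Review bot: The payload built here gives every listed agent a token valid for an hour (`'exp' => time() + 3600`) on each page render, whether or not a fetch is ever triggered. With no `jti` claim, the agent cannot tell a replayed token from the original request. The token appears to be handed to browser script, though the markup that embeds `$jwt` is not visible in this hunk. If so, a shorter lifetime such as `'exp' => $now + 300`, with a single `$now = time();` shared by `iat` and `exp`, would narrow the replay window. Building the token in the page controller rather than in the template would also keep `$agent['secret_key']` out of view code.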
@@ -20,7 +30,4 @@
Result:
click a button to fetch data from the agent.- diff --git a/public_html/static/agents.js b/public_html/static/agents.js index ada61ec..af1f435 100644 --- a/public_html/static/agents.js +++ b/public_html/static/agents.js @@ -1,4 +1,4 @@ -function fetchData(agent_id, url, endpoint, force = false) { +function fetchData(agent_id, url, endpoint, jwtToken, force = false) { let counter = 0; const resultElement = document.getElementById("result" + agent_id); @@ -28,6 +28,9 @@ function fetchData(agent_id, url, endpoint, force = false) { return; // Exit the function early } + // send the token + xhr.setRequestHeader("Authorization", "Bearer " + jwtToken); + xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded"); // Set a timeout in milliseconds (10 seconds = 10000 ms)
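Review bot: `jwtToken` is inserted ahead of `force` in the new `fetchData` signature, so any caller that still passes `force` as the fourth positional argument will have that value sent as the token. The call sites are not visible in this diff. Either confirm that all of them were updated, or append the parameter instead: `function fetchData(agent_id, url, endpoint, force = false, jwtToken = null) {`. The function body continues outside the hunk.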
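Review bot: The added `xhr.setRequestHeader("Authorization", "Bearer " + jwtToken);` runs unconditionally, so a missing token goes out as the literal `Bearer undefined`. The token is also attached regardless of the agent URL's scheme, and over plain http it would travel unencrypted. Guard the call, e.g. `if (!jwtToken) { resultElement.textContent = "missing agent token"; return; }`, and consider refusing agent URLs that are not `https:` before sending credentials. Only part of fetchData is shown in the hunk, so an existing check elsewhere in the body cannot be ruled out.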