How To Get an Authentication Token for System Users Java Code Sample

System User automation - creating and exchanging authentication tokens

Overview

The following code sample, written in Java and leveraging the Spring Boot framework, programmatically manages the System User authentication process of obtaining an IBM Cloud IAM token and exchanging it for a Service ID token. You can utilize this code to help you get up and running quickly and start the process of automating the integration of your systems with the IBM Food Trust solution.

The code is a complete web service that can be deployed and run in your environment with a nominal configuration change. When the service starts, the API key stored in the configuration file is read and the token exchange process is executed. When the API is called, the expiration time on the token is checked and automatically renewed if it is expired. The inbound payload is then transmitted to IBM Food Trust and the result is returned.

The service utilizes Spring Boot and Gradle and was built for the following versions:

• Java 8
• Gradle 4.2.1
• Spring Boot 1.5.13.RELEASE

Disclaimer

This code is provided to help you get up and running quickly with authentication and data submission to IBM Food Trust. This code will be maintained for any future authentication changes, but it is not recommended that this code be used "as-is". In an enterprise environment, additional requirements may be dictated by your organization (e.g. logging, unit tests, health endpoints, statistics endpoints, etc.).

Configuration

You need to configure the service prior to running it, using the config.properties file. A sample configuration file is shown below. The service analyzes the value of the iftEnvironment variable; if the value is INTEGRATION, the integration environment properties are used. In all other cases, the PRODUCTION environment is assumed.

Specifically, you must configure the following variables:

• The API key and organization ID that were used in the initial token setup steps (detailed here)
• The IBM Food Trust environment ("INTEGRATION" or "PRODUCTION")

Sample config.properties file:

   iftApiKey=8r...sv
   iftEnvironment=INTEGRATION
   iftCloudIAMURL=https://iam.cloud.ibm.com/identity/token
   iftIntegrationOrgId=9dd5c...a1
   iftIntegrationAuthURL=https://sandbox.food.ibm.com/ift/api/identity-proxy/exchange_token/v1/organization/
   iftProductionOrgId=2af3b...d3
   iftProductionAuthURL=https://food.ibm.com/ift/api/identity-proxy/exchange_token/v1/organization/
   iftIntegrationURL=https://sandbox.food.ibm.com/ift/api/connector/v1/assets
   iftProductionURL=https://food.ibm.com/ift/api/connector/v1/assets

Usage

Complete the following steps to configure your system users to automatically obtain and renew authentication tokens:

1. Download the zip file and extract the contents to a working directory.
2. cd into the directory
3. Modify src/main/resource/config.properties (per the instructions above)
4. Execute gradle wrapper to build the project
5. Run the jar: java -jar build/libs/IFT_authentication_sample-*.jar
6. Post an XML payload to localhost:8080 E.g.:

curl -X POST \
http://localhost:8080 \
-H 'Accept: application/json' \
-H 'Content-Type: application/xml' \
-d '<insert XML text here>'