Using HTTPS with JWT token. (With solution/fix)

[KlaasVortex]

Using HTTPS with JWT token.

I want to talk to Auth0 api to automaticly update user-data. There is an api, but only over https and you need JWT keys to access this.

First time here. So be patient. Not sure if this is the right place for this.

There is the class Poco::Net::HTTPSStreamFactory which can handle the HTTPS call.

I used this example to build the HTTPS client

• https://gist.github.com/t-mat/5c1b68d56179d7af7e98

The only issue is that you cannot use JWT-token with this class since the HTTPRequest is used as a local variable in the open()
And to be able to sent the JWT token I would have to req.set("Authorization", "Bearer " );`
So near the req.set("Accept", "/"); code in the open()

Original Poco code

std::istream* HTTPSStreamFactory::open(const URI& uri)
{
	poco_assert (uri.getScheme() == "https" || uri.getScheme() == "http");

	<---- removed some code for clarity ---->

	HTTPRequest req(HTTPRequest::HTTP_GET, path, HTTPMessage::HTTP_1_1);
			
	<---- removed some code for clarity ---->

        req.set("Accept", "*/*");

So I have created a inherited class and made the HTTPRequest a private variable in the class and just copied the open function code and removed the local variable and renamed req to httpRequest.

class HTTPSStreamWithRequest : public Poco::Net::HTTPSStreamFactory
{
    Poco::Net::HTTPRequest httpRequest;
public:
    HTTPSStreamWithRequest();
    std::istream* open(const Poco::URI& uri);
    void addToRequest(const std::string& name, const std::string& value)  { httpRequest.set(name, value); }
};

• httpVariable.addToRequest("Authorization", "Bearer " );`

This way I can access the HTTPRequest and use JWT token. This works fine.

I expect that there are more people using https + JWT-keys. So my question, is this function missing in Poco or am I doing it wrong ?

[obiltschnig]

If you need more control over the HTTP(S) request, I'd suggest directly using the Poco::Net::HTTPSClientSession class. There's also related Poco::Net::HTTPSessionFactory to switch between HTTPClientSession and HTTPSClientSession based on URI.